News for January 13, 2023


Microsoft Defender Endpoints Deleting Shortcuts
by Artie Kaye

In a recent update to security intelligence, Defender started flagging and deleting shortcuts found on desktops, start menu, and taskbar.  The issue stems from an overly broad attack service reduction rule.  Microsoft has found the specific rule and reverted it.  They stated they will be looking into the issue further.  If shortcuts have disappeared on your computer, the files and programs they point to should still remain.  As of writing, manually recreating the shortcuts will be the required step to replace the removed files.

https://www.microsoft.com/en-us/wdsi/definitions/antimalware-definition-release-notes?requestVersion=1.381.2140.0

https://www.itpro.co.uk/operating-systems/microsoft-windows/369867/windows-defender-update-deletes-start-menu-taskbar-desktop-shortcuts

https://www.bleepingcomputer.com/news/microsoft/buggy-microsoft-defender-asr-rule-deletes-windows-app-shortcuts/

WordPress Addon SQL Vulnerabilities
by Artie Kaye

Three plugins for WordPress sites have been found to contain SQL injection flaws.  They are Paid Membership Pro, Easy Digital Downloads, and Survey Maker.  Each of the respective developers were made known of the problems and have patched the exploits out in their current versions.  If you use any of these plugins, patching them as soon as you can is recommended.

The flaws are listed as CVE-2023-23488, CVE-2023-23489 and CVE-2023-23490.

https://www.tenable.com/security/research/tra-2023-2

https://www.bleepingcomputer.com/news/security/poc-exploits-released-for-critical-bugs-in-popular-wordpress-plugins/