Patch Tuesday: The Use of Auchel by Ransomberg-Gang

Johannes Ulrich: Today's a bit of a patch Tuesday kind of episode with patches from a number of vendors. Ransomberg-Gang is using the bring your own vulnerable driver technique to disable endpoint protection agents. In early March two vulnerabilities were patched for paper cut that allow for remote code execution. We now have more details about this vulnerability and exploit code from Horizon 3.ai.