Security researchers have identified several critical vulnerabilities affecting various systems. CVE-2024-30051, a significant elevation-of-privilege flaw in Windows, is being exploited by QakBot malware, and a proof of concept (PoC) has been published. Another critical vulnerability, CVE-2024-8517 in SPIP, leaves websites susceptible to remote attacks; a PoC has been published for it as well. Additionally, researchers from watchTowr Labs demonstrated how a $20 purchase and a lapsed domain could compromise the global .mobi top-level domain (TLD). This exploit allowed them to achieve remote code execution (RCE) and effectively take control of the .mobi TLD. The findings highlight the severe risks posed by expired domain names and underscore the importance of maintaining domain integrity. The research was supported by Shadowserver through sinkholing efforts.