SOC Goulash

Hey team! It's been a bit quiet over the last 24 hours, but we've got a couple of noteworthy updates: Microsoft's re-release of a critical Windows 11 hotpatch addressing RCE flaws, and the launch of Betterleaks, a promising new open-source tool for secrets scanning.

Windows 11 Hotpatch for RRAS RCE 🛡️

- Microsoft has re-released an out-of-band (OOB) hotpatch (KB5084597) for Windows 11 Enterprise devices, targeting three Remote Code Execution (RCE) vulnerabilities (CVE-2026-25172, CVE-2026-25173, CVE-2026-26111) in the Routing and Remote Access Service (RRAS) management tool.
- These flaws could allow an authenticated attacker to achieve RCE by tricking a domain-joined user into connecting to a malicious server via the RRAS Snap-in.
- The hotpatch is specifically for devices enrolled in the hotpatch update program and managed via Windows Autopatch, offering crucial fixes without requiring a system reboot, which is vital for mission-critical environments.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/microsoft/microsoft-re-releases-windows-11-oob-hotpatch-to-fix-rras-rce-flaw/

Betterleaks: The Next-Gen Secrets Scanner 🛠️

- Betterleaks is a new open-source tool designed to scan directories, files, and Git repositories for sensitive secrets like credentials and API keys, aiming to be a more advanced successor to the popular Gitleaks.
- Developed by Zach Rice, the original author of Gitleaks, Betterleaks introduces features such as rule-defined validation using CEL, token efficiency scanning (boasting 98.6% recall), a pure Go implementation, and parallelised Git scanning for improved performance.
- Future plans for the project include support for additional data sources, LLM-assisted analysis for better secret classification, automatic secret revocation via provider APIs, and optimisations for AI-generated code workflows.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/betterleaks-a-new-open-source-secrets-scanner-to-replace-gitleaks/

#CyberSecurity #Vulnerability #RCE #Windows11 #Microsoft #Hotpatch #SecurityTools #OpenSource #SecretsScanning #DevSecOps #InfoSec

Microsoft re-releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates.

BleepingComputer
Mar 15 at 9:00pmWeb