Netizen: Monday Security Brief (6/2/2024)

Today’s Topics:

  • Qualcomm Fixes 3 Zero-Day Vulnerabilities in Adreno GPU, Addressing Targeted Attacks on Android Devices
  • Microsoft Releases Out-of-Band Update to Address Windows 11 Boot Issues After KB5058405 Update
  • How can Netizen help?

Qualcomm Fixes 3 Zero-Day Vulnerabilities in Adreno GPU, Addressing Targeted Attacks on Android Devices

Qualcomm has recently rolled out security patches to address three critical zero-day vulnerabilities that were being actively exploited in targeted attacks. These vulnerabilities were discovered by the Google Android Security team and were disclosed to Qualcomm for swift resolution.

The vulnerabilities in question, identified as CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038, affect the Graphics component of Qualcomm’s Adreno GPU drivers. The first two vulnerabilities (CVE-2025-21479 and CVE-2025-21480) are linked to incorrect authorization issues within the GPU microcode. These flaws could result in memory corruption due to the execution of unauthorized commands while processing specific sequences. The third vulnerability (CVE-2025-27038) is a use-after-free bug that could lead to memory corruption when rendering graphics in Chrome using the Adreno GPU drivers.

Both CVE-2025-21479 and CVE-2025-21480 are rated with a CVSS score of 8.6, indicating their high severity, while CVE-2025-27038 has a CVSS score of 7.5. Qualcomm’s advisory states that, according to the Google Threat Analysis Group, there are indications these vulnerabilities have been exploited in limited, targeted attacks.

The company has delivered patches to Android OEMs as of May 2025, urging the rapid deployment of these updates to affected devices. While Qualcomm has not provided specifics about the nature of the attacks, it’s noted that similar vulnerabilities in previous Qualcomm chipsets have been exploited by commercial spyware vendors like Variston and Cy4Gate.

Last year, a related Qualcomm flaw (CVE-2024-43047) was exploited by the Serbian Security Information Agency (BIA) and the Serbian police to unlock Android devices seized from activists, journalists, and protestors. This vulnerability allowed them to bypass security features using Cellebrite’s data extraction tools, enabling the deployment of spyware, including NoviSpy.

For now, Qualcomm’s patches aim to mitigate the potential risks posed by these vulnerabilities, preventing further exploitation by attackers targeting Android users through the Adreno GPU. It’s highly recommended that Android device manufacturers apply these updates promptly to safeguard their users.


Microsoft Releases Out-of-Band Update to Address Windows 11 Boot Issues After KB5058405 Update

Microsoft has released an out-of-band update to fix a critical issue affecting Windows 11 systems after the installation of the KB5058405 May 2025 security update. The problem causes some systems to enter recovery mode and fail to boot, displaying a 0xc0000098 error tied to the ACPI.sys driver, a key component for power management and device configuration in Windows.

This issue impacts Windows 11 22H2/23H2 systems, particularly in enterprise environments. Azure Virtual Machines (VMs), Azure Virtual Desktop, and on-premises VMs hosted on platforms like Citrix and Hyper-V are most affected. According to Microsoft, home users running Windows Home or Pro editions are unlikely to experience these issues, as the bug primarily affects virtualized systems in IT environments.

In response, Microsoft released the KB5062170 non-security out-of-band update over the weekend to address these installation and boot issues. This update can be manually downloaded via the Microsoft Update Catalog. For affected Azure customers, Microsoft recommends using Azure Virtual Machine repair commands as a workaround. The company also advises organizations to apply the out-of-band update instead of the KB5058405 update if their virtual desktop infrastructure includes devices running on Windows 11 22H2 or 23H2.

This issue follows recent problems Microsoft has addressed, including a latent code issue that caused some systems to upgrade to Windows 11 automatically, bypassing Intune policies. Additionally, Microsoft has had to address issues related to Windows 10 BitLocker recovery and feature update failures in previous updates.


How Can Netizen Help?

Netizen ensures that security gets built-in and not bolted-on. We provide advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service”, wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type. 

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is a CMMI V2.0 Level 3, ISO 9001:2015, and ISO 27001:2013 (Information Security Management) certified company. We are a proud Service-Disabled Veteran-Owned Small Business that is recognized by the U.S. Department of Labor for hiring and retention of military veterans.