Security Bulletins

Microsoft Security Bulletins
last updated: Mon, 18 Dec 2017 10:12:01 GMT

 2017-10-19T17:00:00.0000000Z MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
Severity Rating: Important
Revision Note: V1.1 (October 19, 2017): Corrected a typo in the CVE description.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing specially crafted JPEG content. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerability by itself does not allow arbitrary code execution. However, an attacker could use this information disclosure vulnerability in conjunction with another vulnerability to bypass security features such as Address Space Layout Randomization (ASLR).
 2017-09-12T17:00:00.0000000Z MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
Severity Rating: Critical
Revision Note: V2.0 (September 12, 2017): To address known issues with the 3170455 update for CVE-2016-3238, Microsoft has made available the following updates for currently-supported versions of Microsoft Windows:
  • Rereleased update 3170455 for Windows Server 2008
  • Monthly Rollup 4038777 and Security Update 4038779 for Windows 7 and Windows Server 2008 R2
  • Monthly Rollup 4038799 and Security Update 4038786 for Windows Server 2012
  • Monthly Rollup 4038792 and Security Update 4038793 for Windows 8.1 and Windows Server 2012 R2
  • Cumulative Update 4038781 for Windows 10
  • Cumulative Update 4038781 for Windows 10 Version 1511
  • Cumulative Update 4038782 for Windows 10 Version 1607 and Windows Server 2016
Microsoft recommends that customers running Windows Server 2008 reinstall update 3170455. Microsoft recommends that customers running other supported versions of Windows install the appropriate update. See Microsoft Knowledge Base Article 3170005 (https://support.microsoft.com/en-us/help/3170005) for more information.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or sets up a rogue print server on a target network.
 2017-09-12T17:00:00.0000000Z MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
Severity Rating: Critical
Revision Note: V4.0 (September 12, 2017): Revised the Microsoft Windows affected software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-0165. Consumers running Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.
 2017-09-12T17:00:00.0000000Z MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
Severity Rating: Critical
Revision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Internet Explorer 11 installed on Windows 10 Version 1703 for 32-bit Systems and Internet Explorer 11 installed on Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3326. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Internet Explorer on Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability. Customers who are running other versions of Windows 10 and who have installed the June cumulative updates do not need to take any further action.
Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
 2017-09-12T17:00:00.0000000Z MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
Severity Rating: Important
Revision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3376. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.

US-CERT: The United States Computer Emergency Readiness Team
last updated: Mon, 18 Dec 2017 10:05:42 GMT

 Fri, 15 Dec 2017 02:09:24 +0000 Google Releases Security Update for Chrome
Original release date: December 14, 2017

Google has released Chrome version 63.0.3239.108 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


 Wed, 13 Dec 2017 22:51:50 +0000 Apple Releases Security Updates
Original release date: December 13, 2017

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:




 Wed, 13 Dec 2017 15:46:05 +0000 Transport Layer Security (TLS) Vulnerability
Original release date: December 13, 2017

CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability. Exploitation of this vulnerability could allow an attacker to access sensitive information.

The TLS vulnerability is also known as Return of Bleichenbacher's Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. Mitigations include installing updates to affected products as they become available. US-CERT encourages users and administrators to review CERT/CC Vulnerability Note VU #144389.




 Wed, 13 Dec 2017 00:38:13 +0000 Apple Releases Security Updates
Original release date: December 12, 2017

Apple has released security updates to address vulnerabilities in AirPort Base Station. An attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security pages for AirPort Base Station Firmware Update 7.6.9 and Firmware Update 7.7.9 and apply the necessary updates.




 Tue, 12 Dec 2017 20:29:16 +0000 Microsoft Releases December 2017 Security Updates
Original release date: December 12, 2017

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review Microsoft's December 2017 Security Update Summary and Deployment Information and apply the necessary updates.





SecurityFocus Vulnerabilities
last updated: Mon, 18 Dec 2017 10:12:01 GMT

 2017-12-18 Vuln: Hitachi Vantara Pentaho BA Platform CVE-2016-10701 Cross Site Request Forgery Vulnerability
 2017-12-18 Vuln: Multiple Cisco Products Multiple Information Disclosure Vulnerabilities
 2017-12-18 Vuln: Alteon CVE-2017-17427 Information Disclosure Vulnerability
 2017-12-18 Vuln: Erlang/OTP CVE-2017-1000385 Information Disclosure Vulnerability
  Bugtraq: ADVISORY - Kemp Load Balancers - Module Application Firewall Pack (AFP) - Web Application Firewall (WAF) does not inspect HTTP POST data - CVE-2017-15524

Yahoo News - Latest News & Headlines
last updated: Mon, 18 Dec 2017 10:23:45 GMT

 Sat, 16 Dec 2017 17:18:17 -0500 Amid Sexual Harassment Probe, Democratic Rep. Ruben Kihuen Won't Seek Re-Election

Democratic Nevada Rep. Ruben Kihuen said on Saturday he won’t seek re-election in 2018 just one day after the House Ethics Committee said it would investigate allegations of sexual harassment from two women.


 Sat, 16 Dec 2017 22:55:35 -0500 Mystery swirls around powerful North Korea official as Hwang Pyong-so remains missing

A North Korean official widely deemed as the nation’s second most powerful figure has been missing for some time, raising speculation that he has been executed.


 Sun, 17 Dec 2017 01:10:00 -0500 NBC WSJ Poll: Democratic favorability highest since 2008

In a new poll from NBC News/Wall Street Journal, President Trump's approval sits at the lowest level for any president at this point in time.


 Sun, 17 Dec 2017 14:02:33 -0500 Sandy Hook mom rips Trump for hosting NRA exec at White House party on 5th anniversary of massacre

Nicole Hockley, whose son was among the 20 children killed in the 2012 Newtown, Conn., shootings, is furious about Trump’s decision to host National Rifle Association executive vice president Wayne LaPierre at a White House Christmas party on Dec. 14 — the fifth anniversary of the massacre.


 Sat, 16 Dec 2017 18:12:22 -0500 This Cat Named D-O-G Helps Train Pups To Be Service Dogs

Not many cats get to have a career as a dog trainer, but one Missouri feline is doing just that.



Cisco Security Advisory
last updated: Mon, 18 Dec 2017 09:58:36 GMT

 Fri, 15 Dec 2017 15:58:51 CST Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017
On December 12, 2017, a research paper with the title Return of Bleichenbacher's Oracle Threat was made publicly available. This paper describes how some Transport Layer Security (TLS) stacks are vulnerable to variations of the classic Bleichenbacher attack on RSA key exchange. Multiple vulnerabilities were identified based on this research.

An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions.

To exploit these vulnerabilities, an attacker must be able to perform both of the following actions:
  • Capture traffic between clients and the affected TLS server.
  • Actively establish a considerable number of TLS connections to the vulnerable server. The actual number of connections required varies with the implementation-specific vulnerabilities, and could range from hundreds of thousands to millions of connections.

Multiple Cisco products are affected by these vulnerabilities.

Cisco will release software updates that address some of these vulnerabilities.

There may be workarounds available for selected products.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
Security Impact Rating: Medium
CVE: CVE-2017-12373,CVE-2017-17428
 Thu, 14 Dec 2017 21:19:14 CST Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II
On October 16, 2017, a research paper with the title “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point. Additional research also led to the discovery of three additional vulnerabilities (not discussed in the original paper) affecting wireless supplicants supporting either the 802.11z (Extensions to Direct-Link Setup) standard or the 802.11v (Wireless Network Management) standard. The three additional vulnerabilities could also allow the reinstallation of a pairwise key, group key, or integrity group key.

Among these ten vulnerabilities, only one (CVE-2017-13082) may affect components of the wireless infrastructure (for example, Access Points), while the other nine vulnerabilities may affect only client devices.

Multiple Cisco wireless products are affected by these vulnerabilities.

Cisco will release software updates that address these vulnerabilities. There are workarounds that address the vulnerabilities in CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, and CVE-2017-13082. There are no workarounds for CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

Security Impact Rating: High
CVE: CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13084,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088
 Wed, 13 Dec 2017 17:11:15 CST Cisco Email Security Appliance Header Bypass Vulnerability
A vulnerability in the Simple Mail Transfer Protocol (SMTP) header filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper handling of a malformed SMTP header in an email received on an affected device. An attacker could exploit this vulnerability by sending an email containing a crafted SMTP header. A successful exploit could allow the attacker to bypass the configured ESA content filtering mechanisms, allowing some email clients to display the malformed header information from the email message.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa
Security Impact Rating: Medium
CVE: CVE-2017-12353
 Tue, 12 Dec 2017 01:12:53 CST Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players
Multiple vulnerabilities exist in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit these vulnerabilities by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of these vulnerabilities could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user.

The Cisco WebEx players are applications that are used to play back WebEx meeting recordings that have been recorded by an online meeting attendee. The player can be automatically installed when the user accesses a recording file that is hosted on a WebEx server.

Cisco has updated affected versions of the Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF and WRF Players to address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex-players
Security Impact Rating: Critical
CVE: CVE-2017-12367,CVE-2017-12368,CVE-2017-12369,CVE-2017-12370,CVE-2017-12371,CVE-2017-12372
 Tue, 05 Dec 2017 19:23:56 CST Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability
A vulnerability in the TCP stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to improper processing of certain TCP packets in the closing sequence of a TCP session while the affected device is in a TIME_WAIT state. An attacker could exploit this vulnerability by sending a specific TCP packet to an affected device on a TCP session that is already in a TIME_WAIT state. An exploit could allow the attacker to cause a reload of the TCP stack on the affected device, resulting in a DoS condition.

This vulnerability can be exploited using either IPv4 or IPv6 packets. The vulnerability can be triggered by a crafted sequence of TCP packets destined for TCP ports listening on the device. The packets may use the IPv4 or IPv6 unicast address of any interface configured on the device.

This vulnerability can be triggered only by traffic destined to an affected device and cannot be exploited using traffic that transits an affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-netstack
Security Impact Rating: High
CVE: CVE-2015-0718
