Security Bulletins

Microsoft Security Bulletins
last updated: Sat, 20 Jan 2018 18:48:34 GMT

 2017-10-19T17:00:00.0000000Z MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1
Severity Rating: Important
Revision Note: V1.1 (October 19, 2017): Corrected a typo in the CVE description.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing specially crafted JPEG content. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerability by itself does not allow arbitrary code execution. However, an attacker could use this information disclosure vulnerability in conjunction with another vulnerability to bypass security features such as Address Space Layout Randomization (ASLR).
 2017-09-12T17:00:00.0000000Z MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0
Severity Rating: Important
Revision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3376. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system.
 2017-09-12T17:00:00.0000000Z MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0
Severity Rating: Critical
Revision Note: V4.0 (September 12, 2017): Revised the Microsoft Windows affected software table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-0165. Consumers running Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits a webpage that contains specially crafted embedded fonts.
 2017-09-12T17:00:00.0000000Z MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0
Severity Rating: Critical
Revision Note: V3.0 (September 12, 2017): Revised the Affected Software table to include Internet Explorer 11 installed on Windows 10 Version 1703 for 32-bit Systems and Internet Explorer 11 installed on Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3326. Consumers using Windows 10 are automatically protected. Microsoft recommends that enterprise customers running Internet Explorer on Windows 10 Version 1703 ensure they have update 4038788 installed to be protected from this vulnerability. Customers who are running other versions of Windows 10 and who have installed the June cumulative updates do not need to take any further action.
Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
 2017-09-12T17:00:00.0000000Z MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0
Severity Rating: Critical
Revision Note: V2.0 (September 12, 2017): To address known issues with the 3170455 update for CVE-2016-3238, Microsoft has made available the following updates for currently-supported versions of Microsoft Windows:
• Rereleased update 3170455 for Windows Server 2008
• Monthly Rollup 4038777 and Security Update 4038779 for Windows 7 and Windows Server 2008 R2
• Monthly Rollup 4038799 and Security Update 4038786 for Windows Server 2012
• Monthly Rollup 4038792 and Security Update 4038793 for Windows 8.1 and Windows Server 2012 R2
• Cumulative Update 4038781 for Windows 10
• Cumulative Update 4038781 for Windows 10 Version 1511
• Cumulative Update 4038782 for Windows 10 Version 1607 and Windows Server 2016
Microsoft recommends that customers running Windows Server 2008 reinstall update 3170455. Microsoft recommends that customers running other supported versions of Windows install the appropriate update. See Microsoft Knowledge Base Article 3170005 (https://support.microsoft.com/en-us/help/3170005) for more information.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or sets up a rogue print server on a target network.

SecurityFocus Vulnerabilities
last updated: Sat, 20 Jan 2018 18:48:34 GMT

 2018-01-19 Vuln: WordPress MediaElement Cross Site Scripting Vulnerability
 2018-01-19 Vuln: Microsoft Outlook CVE-2018-0793 Remote Code Execution Vulnerability
 2018-01-19 Vuln: Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
 2018-01-19 Vuln: Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
  Bugtraq: [SECURITY] [DSA 4092-1] awstats security update

Yahoo News - Latest News & Headlines
last updated: Sat, 20 Jan 2018 18:56:33 GMT

 Thu, 18 Jan 2018 14:00:38 -0500 The resistance is organized and ready in district where Trump is visiting

Democrats, especially women, have been organizing ever since last year’s election. And they think they have a chance to take the seat in this heavily Republican district.


 Thu, 18 Jan 2018 14:30:06 -0500 Parents Charged With Torture And Abuse Of 13 Kids May Face Life In Prison

A California couple accused of holding their 13 children captive in their home for years face up to life in prison.


 Thu, 18 Jan 2018 15:18:23 -0500 Russian Money Ties to NRA Under FBI Scrutiny

Greg Gordon, investigative reporter for McClatchy DC, talks with Rachel Maddow about news that the FBI is looking into whether Russian money was funneled to the Trump campaign through the NRA.


 Thu, 18 Jan 2018 19:02:08 -0500 House Blocks Trump's Order To Deport Palestinian Man Living In U.S. For 39 Years

Last month, with a deportation order hanging over his head, Amer Othman Adi, 57, and his family were making preparations to leave their life in Youngstown, Ohio, willingly.


 Thu, 18 Jan 2018 18:52:09 -0500 Helicopter with Zimbabwe opposition leader crashes, kills 5

RATON, N.M. (AP) — A group of prominent friends, including a key Zimbabwean opposition leader and a Texas-based investor and philanthropist, was heading to a ranch in the U.S. state of New Mexico when their helicopter crashed and burned in a remote area, killing five people aboard.



Cisco Security Advisory
last updated: Sat, 20 Jan 2018 18:28:44 GMT

 Fri, 19 Jan 2018 21:29:40 CST Cisco NX-OS System Software Management Interface Denial of Service Vulnerability
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to bypass configured ACLs on the management interface. This could allow traffic to be forwarded to the NX-OS CPU for processing, leading to high CPU utilization and a denial of service (DoS) condition.

The vulnerability is due to a bad code fix in the 7.3.2 code train that could allow traffic to the management interface to be misclassified and not match the proper configured ACLs. An attacker could exploit this vulnerability by sending crafted traffic to the management interface. An exploit could allow the attacker to bypass the configured management interface ACLs and impact the CPU of the targeted device, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-nxos
Security Impact Rating: Medium
CVE: CVE-2018-0090
 Fri, 19 Jan 2018 21:04:12 CST CPU Side-Channel Information Disclosure Vulnerabilities
On January 3, 2018, researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.

The first two vulnerabilities, CVE-2017-5753 and CVE-2017-5715, are collectively known as Spectre. The third vulnerability, CVE-2017-5754, is known as Meltdown. The vulnerabilities are all variants of the same attack and differ in the way that speculative execution is exploited.

To exploit any of these vulnerabilities, an attacker must be able to run crafted code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.

A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as operating system or hypervisor, is patched against the vulnerabilities in question.

Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. Refer to the “Affected Products” section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services.

Cisco will release software updates that address these vulnerabilities.
 
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Security Impact Rating: Medium
CVE: CVE-2017-5715,CVE-2017-5753,CVE-2017-5754
 Wed, 17 Jan 2018 16:00:00 CST Cisco Small Business 300 and 500 Series Managed Switches Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of an affected system.
   
The vulnerability is due to insufficient input validation of parameters that are passed to the web server of the affected system. An attacker could exploit this vulnerability by convincing a user to follow a malicious link or by intercepting and injecting code into a user request. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-300-500-smb1
Security Impact Rating: Medium
CVE: CVE-2017-12307
 Wed, 17 Jan 2018 16:00:00 CST Cisco Web Security Appliance Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wsa1
Security Impact Rating: Medium
CVE: CVE-2018-0093
 Wed, 17 Jan 2018 16:00:00 CST Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks.

The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which could include internal network information that should be restricted. An attacker could exploit the vulnerability by utilizing available resources to study the customer network. An exploit could allow the attacker to discover sensitive data about the application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms3
Security Impact Rating: Medium
CVE: CVE-2018-0111
