Security Flaws & Fixes - W/E - 9/27/19
Apple Products Receive Updates (09/25/2019)
Apple released updates for tvOS, Apple TV, Safari, and iOS. In addition, the vendor announced that a software update to fix a bug with third-party keyboard apps - but not Apple's built-in keyboards is forthcoming but did not give a date when that fix will be issued.
Apple released updates for tvOS, Apple TV, Safari, and iOS. In addition, the vendor announced that a software update to fix a bug with third-party keyboard apps - but not Apple's built-in keyboards is forthcoming but did not give a date when that fix will be issued.
Atlassian Plugs Hole in Jira Service Desk Products (09/24/2019)
Atlassian released updates for Jira Service Desk Server and Jira Service Desk Data Center following the discovery of an URL path traversal vulnerability that can lead to information disclosure. The vendor rates this bug as critical.
Atlassian released updates for Jira Service Desk Server and Jira Service Desk Data Center following the discovery of an URL path traversal vulnerability that can lead to information disclosure. The vendor rates this bug as critical.
Critical Search Path Bug in Forcepoint VPN Client Can Expose Windows Systems (09/25/2019)
Forcepoint has updated its VPN Client for Windows versions to mitigate an unquoted search path bug in versions prior to 6.6.1. A researcher at SafeBreach Labs found the bug and reported it to Forcepoint. According to SafeBreach Labs, the vulnerability "could have been exploited by an attacker during a post-exploitation phase in order to achieve privilege escalation, persistence and in some cases defense evasion by using the technique of implanting an arbitrary unsigned executable which is executed by a signed service that runs as NT AUTHORITY\SYSTEM."
Forcepoint has updated its VPN Client for Windows versions to mitigate an unquoted search path bug in versions prior to 6.6.1. A researcher at SafeBreach Labs found the bug and reported it to Forcepoint. According to SafeBreach Labs, the vulnerability "could have been exploited by an attacker during a post-exploitation phase in order to achieve privilege escalation, persistence and in some cases defense evasion by using the technique of implanting an arbitrary unsigned executable which is executed by a signed service that runs as NT AUTHORITY\SYSTEM."
Further Action Needed to Reduce Cybersecurity Risk to US Electric Grid (09/25/2019)
The Government Accountability Office (GAO) recommended actions that the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) should take to secure components for the electric grid's infrastructure and improve reliability. The report describes the risks facing the grid and provides a list of possible cyber actors that could pose a threat to the grid, among other things. Among its recommendations, the GAO stated that the DOE should develop a plan aimed at implementing the federal cybersecurity strategy for the grid and ensure that the plan addresses the key characteristics of a national strategy, including a full assessment of cybersecurity risks to the grid.
The Government Accountability Office (GAO) recommended actions that the Department of Energy (DOE) and the Federal Energy Regulatory Commission (FERC) should take to secure components for the electric grid's infrastructure and improve reliability. The report describes the risks facing the grid and provides a list of possible cyber actors that could pose a threat to the grid, among other things. Among its recommendations, the GAO stated that the DOE should develop a plan aimed at implementing the federal cybersecurity strategy for the grid and ensure that the plan addresses the key characteristics of a national strategy, including a full assessment of cybersecurity risks to the grid.
Google: Bad Chrome Update Can Wreak Havoc on macOS (09/26/2019)
A Chrome update could damage macOS systems, Google warned in an advisory. "We recently discovered that a Chrome update may have shipped with a bug that damages the file system on macOS machines with System Integrity Protection (SIP) disabled, including machines that do not support SIP. We've paused the release while we finalize a new update that addresses the problem," Google said. It is recommended that users disable SIP. Information about recovering affected machines is available from the advisory.
A Chrome update could damage macOS systems, Google warned in an advisory. "We recently discovered that a Chrome update may have shipped with a bug that damages the file system on macOS machines with System Integrity Protection (SIP) disabled, including machines that do not support SIP. We've paused the release while we finalize a new update that addresses the problem," Google said. It is recommended that users disable SIP. Information about recovering affected machines is available from the advisory.
Hacker Releases Zero-Day RCE Exploit for vBulletin, Vendor Posts Patch (09/25/2019)
An anonymous researcher posted an exploit for vBulletin forum software. The zero-day bug results in a remote code execution on all versions from 5.0.0 till 5.5.4. Several security vendors confirmed the legitimacy of the bug. vBulletin released updates to address the exploit on September 25.
An anonymous researcher posted an exploit for vBulletin forum software. The zero-day bug results in a remote code execution on all versions from 5.0.0 till 5.5.4. Several security vendors confirmed the legitimacy of the bug. vBulletin released updates to address the exploit on September 25.
Microsoft Issues Out-of-Band Security Update to Fix Zero-Day Hole in IE (09/24/2019)
Microsoft released out-of-band security updates to notify consumers and businesses of security issues within several products. The first advisory warns of a scripting engine memory corruption vulnerability in Internet Explorer while a second alert discusses a denial-of-service issue in Microsoft Defender. Attackers are actively exploiting the Internet Explorer bug. The vendor also issued a cumulative security update for Internet Explorer.
Microsoft released out-of-band security updates to notify consumers and businesses of security issues within several products. The first advisory warns of a scripting engine memory corruption vulnerability in Internet Explorer while a second alert discusses a denial-of-service issue in Microsoft Defender. Attackers are actively exploiting the Internet Explorer bug. The vendor also issued a cumulative security update for Internet Explorer.
Out-of-Band Adobe Bulletin Mitigates Three Bugs in ColdFusion (09/25/2019)
Adobe pushed out fixes for ColdFusion versions 2016 and 2018. The updates remedy a path traversal, a command injection via vulnerable component, and security bypass vulnerabilities.
Adobe pushed out fixes for ColdFusion versions 2016 and 2018. The updates remedy a path traversal, a command injection via vulnerable component, and security bypass vulnerabilities.
Update VMware Products to Mitigate Code Execution (09/24/2019)
VMware's ESXi, Workstation, Fusion, VMRC, and Horizon Client contain a use-after-free vulnerability in the virtual sound device. A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. The vendor confirmed that there are no workarounds and an advisory details which versions are fixed.
VMware's ESXi, Workstation, Fusion, VMRC, and Horizon Client contain a use-after-free vulnerability in the virtual sound device. A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. The vendor confirmed that there are no workarounds and an advisory details which versions are fixed.
Zero-Day Hole in Rich Reviews Plugin Leaves WordPress Sites Vulnerable (09/26/2019)
An outdated WordPress plugin called Rich Reviews is under attack due to an unpatched bug and about 16,000 sites that run this plugin are vulnerable, the research team at Wordfence warned. The bug can be used to deliver stored cross-site scripting payloads and attacks that began in April are continuing.
An outdated WordPress plugin called Rich Reviews is under attack due to an unpatched bug and about 16,000 sites that run this plugin are vulnerable, the research team at Wordfence warned. The bug can be used to deliver stored cross-site scripting payloads and attacks that began in April are continuing.