Browsing tag
Microsoft has fixed a critical remote code execution bug (CVE-2017-11937) in the Malware Protection Engine that finds its home in a variety of products, including Windows Defender (Windows 8 and above) and Microsoft Security Essentials. According to a security advisory, the flaw leads to a memory corruption error when a specially crafted file is scanned […]
Security researchers from lgtm.com have discovered a major remote code execution security flaw (CVE-2017-9805) in Apache Struts, which is a well-liked open-source framework created to develop internet purposes in the Java programming language, which helps REST, AJAX, and JSON. All variations of Struts since 2008 are weak and all internet purposes utilizing the framework’s fashionable […]
The three vulnerabilities allow attackers to disarm the platform and execute code. Symantec has patched three vulnerabilities in the Symantec Messaging Gateway (SMG) which could be exploited by attackers to remotely execute code. On Wednesday, the cybersecurity firm issued a security advisory warning of the bugs, all of which are specific to the SMG enterprise […]
IBM Informix Dynamic Server and Informix Open Admin Tool contains 6 Critical Vulnerabilities including RCE and a Buffer overflow in HEAP. IBM Informix Dynamic Server for high-volume online Data server for transaction processing (OLTP), integrated applications, and now breathtakingly fast data warehouse/analytical workloads. IDS is well known for its hands-free administration. To make server administration even […]
Short Bytes: A simple but malicious subtitle file can be used to gain control of your PC, TV or smartphone. Check Point researchers have spotted vulnerabilities in VLC, Kodi, Stremio, and Popcorn Time in the way these media players handle subtitle files. As of now, fixes have been released for the media players. According to […]
Short Bytes: The researchers from Google Project Zero have revealed a remote code execution bug in Microsoft Windows. The attacker doesn’t require any software to take the advantage of the serious bug. Microsoft is expected to fix the bug on May 9 Patch Tuesday release, followed by a detailed report by the researchers. Update (May […]
Intel’s security team released a series of patches yesterday that fix a remote code execution (RCE) bug found in the Intel Management Engine (ME). The RCE bug affects Intel ME technologies such as Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). All of these are technologies that allow […]
The vulnerability (CVE-2017-2641) allows an attacker to execute PHP code at the vulnerable Moodle server. This vulnerability actually consists of many small vulnerabilities, as described further in the blog post. Moodle is a very popular learning management system, deployed in many universities around the world, including top institutes such as MIT, Stanford, the University of Cambridge, […]
Microsoft today patched a half-dozen critical browser vulnerabilities that have been publicly disclosed, but apparently not used in attacks as of yet. The critical Internet Explorer and Microsoft Edge bulletins are among six released today, along with six others with a severity rating of important. Today’s patches cap off a year in which there was […]
Short Bytes: All recent Ubuntu Linux releases ship with Apport crash handling software. A security researcher has discovered a flaw in this utility that allows an attacker to remotely execute code using a malicious booby-trapped file. Ubuntu has released the fix for the same, which can be grabbed via simple Ubuntu update. Most of you […]