April’s patch Tuesday release from Microsoft includes fixes for three zero-day vulnerabilities in Windows that are under active attack. CVE-2020-1020 is a flaw in the Windows Adobe Type Manager Library. According to Microsoft: For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, […]
Microsoft patches zero-day flaws Read More »
Server hardening is a set of disciplines and techniques which improve the security of an ‘off the shelf’ server. Server Hardening is requirement of security frameworks such as PCI-DSS and is typically included when organisations adopt ISO27001. What is the attack surface The aim of server hardening is to reduce the attack surface of
What is server hardening ? Read More »
Microsoft warns that attackers are targeting two zero-day remote code execution vulnerabilities that exist in all versions of Windows – and a fix is not expected until the April patch Tuesday. The vulnerabilities exist in the Adobe Type Manager library which is a standard Windows component used primarily by Windows Explorer to display previews of
Windows zero day RCE vulnerabilities under attack Read More »
Microsoft has released a patch to fix a remote code execution flaw in the SMB protocol affecting Windows 10 PC and their servers. SMB is used by Active Directory, for network file sharing and some printers. Microsoft have published a security advisory which details the scope of the flaw. The problem is the way the SMBv3
Microsoft patches critical SMB flaw Read More »
A remote code execution vulnerability has been discovered in all version of the Point-to-Point Protocol included on Linux systems for the last 17 years. The vulnerability allows an unauthenticated attacker to send a specially crafted packet to the PPP daemon (pppd), force a buffer overflow and execute arbitrary code. The PPP protocol is used for
Linux PPP RCE vulnerability Read More »
Microsoft has released a patch to a remote code execution vulnerability in Exchange server which is being actively targeted. CVE-2020-0688 is a flaw in the installation procedure resulting in all Exchange Servers using the same cryptographic keys for ASP.NET ViewState data. A detailed write-up by the Zero Day Initiative demonstrates the flaw in action. In summary:
Exchange Server RCE exploited in the wild Read More »
Ragnarok ransomware is leveraging unpatched Citrix ADC servers and Windows computers to attack its victims. Citrix have now released a patch for CVE-2019-19781 and made it available to all clients – regardless of the status of their support contract. However, unpatched Citrix systems are being actively targeted with Ragnarok according to security firm Fireye. CVE-2019-19781 is
Ragnarok ransomware exploits Citrix vulnerability Read More »
In recent years the main vendors of the operating systems and databases that run our businesses, schools and governments have made significant strides to provide a reliable stream of patches and upgrades which are easy to install or even automatically installed. Microsoft’s Patch Tuesday has been emulated by other vendors including Adobe and SAP. These
Infrastructure Patching Problems Read More »
Microsoft has released details of a zero-day remote code execution vulnerability which is being actively exploited to attack Windows computers. It affects all versions of Internet Explorer running on Windows 7, 8.1 and 10. The problems lies in one of the two javascript engines available within IE. Since a webpage can request IE to use
Internet Explorer zero-day RCE attack Read More »
The last ever Windows 7 Patch Tuesday update also includes a fix to a long standing bug in the Windows cryptographic library (CryptoAPI) which could allow attackers to spoof digital certificates and conduct man-in-the-middle attacks. Microsoft has long warned that January 2020 was the end of support for Windows 7, meaning that this is expected
Final Windows 7 Patches and critical security bug fixed Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.