Advisories

The VMware team published an advisor concerning a vulnerability in VMware Tools in functionality that was removed from VMware Tools 11.0.0 has been determined to affect VMware Tools for Windows version 10.x.y.

Microsoft released advice concerning a remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.

Oracle has released critical updates to fix security flaws. The update contains 334 patches. Uganda National CERT and Coordination Center advises users to apply the updates for these products.

Adobe released security updates to fix vulnerabilities in Adobe Illustrator and Adobe Experience Manager.

Due to a spoofing vulnerability that exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates, Microsoft has released updates to the Windows 10 platform in order to reduce the risk exposure.

VMware has released its security advisory for Workspace ONE SDK. The severity is rated at ‘medium’ and details can be accessed here.

Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Mozilla Foundation released its security Advisory requesting users of the Firefox browser to update to the latest version. The update fixes a previous zero-day vulnerability that an attacker could take advantage of and gain unauthorized control of a user’s device.

Microsoft will stop supporting and releasing updates for Windows 7 on 14 January 2020. This means there will be no technical support or software and security updates from Microsoft. Continued use of Windows 7 after this date will leave users exposed to an array of cyber threats.

Planned Internet Service Maintenance Alert

Microsoft has released a security update for Internet Explorer. IT Administrators are strongly advised to patch up. Details can be accessed here.

VMware has released security advisories rated as ‘important’ for the vSphere ESXi and vCenter Server products. Administrators are strongly urged to review the advisory and implement the appropriate resolutions.

Microsoft will stop supporting and releasing updates for Windows 7 on 14 January 2020. This means there will be no technical support or software and security updates from Microsoft. Continued use of Windows 7 after this date will leave users exposed to an array of cyber threats.

Popular app “FaceApp” that offers various face-modification features is free for download but offers in-app paid features. Since the app received huge media attention scammers have created a FAKE app called “FaceApp Pro” or FaceApp Premium and are offering it FREE for download on a fake website.

An existing buffer overflow vulnerability in WhatsApp Voice Over IP (VOIP) stack allowed Remote Code Execution (RCE) through specially crafted series of Secure Real-Time Protocol (SRTCP) packets sent to a target phone number. All users are advised to update their apps to the latest version.

Researchers at Bleeping Computer have analysed the STOP ransomware and established that in addition to encrypting a victim’s file, the ransomware installs the ‘azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, desktop files and more.’ Systems administrators sh

A vulnerability discovered in Microsoft Windows 7, Windows Server 2008 and Windows Server 2008 R2 SP1 exists due to a Win32k component poorly processing objects in memory.

Oracle has released a Critical Patch Update Advisory for multiple security vulnerabilities (January 2019). The advisory further states that ‘Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes.

The Adobe Product Security Incident Response Team (PSIRT) released security updates for Adobe Acrobat and Reader products targeting Windows and MacOS users.

Redhat security advisory reveals that ‘An integer overflow flaw was found in the Linux kernel's create_elf_tables() function.