Windows NTFS Security Update

Microsoft released a security update to fix the Windows NTFS Remote Code Execution Vulnerability. A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. Systems Admins should study the Microsoft Advisory and implement the appropriate protection measures.

RELATED ADVISORIES

Cyber Updates 23 October 2020

Oracle Security Update

Oracle released a critical patch update to address multiple security vulnerabilities in Oracle code and in third party components included in Oracle products. As is Oracle practice, the patches are cumulative which requires data base admins to also review the previous patches. The notice from Oracle reads that ‘Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update security patches as soon as possible.’ Oracle Database admins can find the detailed advisory here.

Windows TCP/IP Remote Code Execution (RCE)

Cyber Updates 15 October 2020

Netlogon Advisory

Cyber Updates 8 October 2020

Emotet Check

Cyber Updates 5 October 2020

Cisco XR Flaws

Cyber Updates 5 October 2020

Update Firefox Browser

Cyber Updates 1 October 2020

Netlogon Advisory

Cyber Updates 22 September 2020