Windows TCP/IP Remote Code Execution (RCE)

The Microsoft Security Response Center has released an advisory on a Remote Code Execution vulnerability that exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. Uganda National CERT and Coordination Center strongly recommends system administrators to review and apply the security update.

RELATED ADVISORIES

Cyber Updates 23 October 2020

Oracle Security Update

Oracle released a critical patch update to address multiple security vulnerabilities in Oracle code and in third party components included in Oracle products. As is Oracle practice, the patches are cumulative which requires data base admins to also review the previous patches. The notice from Oracle reads that ‘Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update security patches as soon as possible.’ Oracle Database admins can find the detailed advisory here.

Windows NTFS Security Update

Cyber Updates 9 October 2020

Netlogon Advisory

Cyber Updates 8 October 2020

Emotet Check

Cyber Updates 5 October 2020

Cisco XR Flaws

Cyber Updates 5 October 2020

Update Firefox Browser

Cyber Updates 1 October 2020

Netlogon Advisory

Cyber Updates 22 September 2020