@RISK: The Consensus Security Vulnerability Alert: Vol. 18, Num. 10

@RISK: The Consensus Security Vulnerability Alert
March 1, 2018 – Vol. 18, Num. 10
=========================================================
CONTENTS:

NOTABLE RECENT SECURITY ISSUES
INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE
MOST PREVALENT MALWARE FILES 2018-02-27 – 2018-03-06
=========================================================
TOP VULNERABILITY THIS WEEK: Google Releases Monthly Security Bulletin for Android; 39 Vulnerabilities Addressed
=========================================================
NOTABLE RECENT SECURITY ISSUES
SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Google Releases Monthly Security Bulletin for Android; 39 Vulnerabilities Addressed
Description: Google has released its monthly security bulletin for Android to address 37 vulnerabilities that have been identified. This month’s bulletin release addresses 11 critical vulnerabilities and 26 high-severity vulnerabilities. The 2018-03-01 security patch level contains fixes for the Media framework and Android System, while the 2018-03-05 security patch level fixes bugs in the kernel, Qualcomm and NVIDIA components. Updates have been published for Nexus and Pixel devices. Android partners should be in the process of integrating these updates and pushing them out in the near future for other Android handsets.
Reference: https://source.android.com/security/bulletin/2018-03-01
Snort SID: Detection pending release of vulnerability information

Title: Hewlett Packard Enterprise Releases Security Bulletin for Denial of Service Vulnerability in iLO 3
Description: Hewlett Packard Enterprise has released a security bulletin for a Denial of Service (DoS) vulnerability in HPE Integrated Lights-Out 3 (iLO 3). This vulnerability, identified as CVE-2017-8987, could be exploited by a remote, unauthenticated attacker and impacts HPE iLO 3 version 1.88. HPE has released a software update to address this vulnerability.
Reference: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03826en_us
Snort SID: Detection pending release of vulnerability information


@RISK: The Consensus Security Vulnerability Alert: Vol. 18, Num. 9

@RISK: The Consensus Security Vulnerability Alert
March 1, 2018 – Vol. 18, Num. 09
=========================================================
CONTENTS:

NOTABLE RECENT SECURITY ISSUES
INTERESTING NEWS FROM AROUND THE SECURITY COMMUNITY
VULNERABILITIES FOR WHICH EXPLOITS ARE AVAILABLE
MOST PREVALENT MALWARE FILES 2018-02-20 – 2018-02-27
=========================================================
TOP VULNERABILITY THIS WEEK: Multiple Vulnerabilities in Trend Micro Email Encryption Gateway Disclosed
=========================================================
NOTABLE RECENT SECURITY ISSUES
SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: Multiple Vulnerabilities in Trend Micro Email Encryption Gateway Disclosed
Description: Researchers from Core Security have identified multiple vulnerabilities in Trend Micro Email Encryption Gateway. The most severe of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands as root on affected devices. Other vulnerabilities include SQL injections, insecure updates via HTTP, reflected XSS attacks, and arbitrary locations leading to command execution. Trend Micro has released a software update addressing a majority of these vulnerabilities. Two additional vulnerabilities were reported to Trend Micro but were not patched “due to the difficulties of implementing and the negative impact on critical normal product function.”
Reference: https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Snort SID: Detection pending

Title: Google Project Zero Discloses Unpatched Windows 10 Privilege Escalation Vulnerability
Description: Google Project Zero has disclosed a privilege escalation vulnerability in Windows 10 that has not yet been patched. Details of this vulnerability were made public on Feb 20. Per Project Zero notes, Microsoft considers this vulnerability “Important” because code execution is a prerequisite for exploiting it; it cannot be exploited remotely by itself. Patches for this vulnerability are anticipated the following Patch Tuesday.
Reference: https://bugs.chromium.org/p/project-zero/issues/detail?id=1428
Snort SID: Detection pending
