This November, Microsoft released monthly security patches covering total 63 vulnerabilities, with 12 of them rated critical, 47 are rated Important, one is rated Moderate and three are Low in Severity. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Core, Skype for Business, […]

Read More →

Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel.┬áThese vulnerabilities allow an attacker to access […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:1600754 ALAS-2017-889 CVE-2017-1000099 CVE-2017-1000100 CVE-2017-1000101 ALAS-2017-889 —- curl oval:org.secpod.oval:def:1600755 ALAS-2017-881 CVE-2017-6508 ALAS-2017-881 —- wget oval:org.secpod.oval:def:1600756 ALAS-2017-876 CVE-2017-0553 ALAS-2017-876 —- libnl3 oval:org.secpod.oval:def:1600757 ALAS-2017-880 CVE-2016-7798 ALAS-2017-880 —- ruby23 oval:org.secpod.oval:def:1600759 ALAS-2017-878 […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:41603 CVE-2017-3085 Security Bypass vulnerability in Adobe Flash Player – CVE-2017-3085 oval:org.secpod.oval:def:41604 CVE-2017-3106 Type confusion vulnerability in Adobe Flash Player – CVE-2017-3106 oval:org.secpod.oval:def:41605 APSB17-23 CVE-2017-3085 CVE-2017-3106 Multiple vulnerabilities in […]

Read More →

Privilege escalation is the method of exploiting a bug, design flaw or configuration issues in an operating system or software application to gain access to resources that are restricted to be used by other users. An independent researcher Dawid Golunski exposed a privilege escalation vulnerability (CVE-2016-5616/CVE-2016-6663) present in MySQL, MariaDB and PerconaDB databases. This issue […]

Read More →

A new massive threat is making its rounds in the security world. A tricky yet nasty piece of ransomware called Fantom. Many organizations are being infected with this ransomware. But luckily, there are definite ways to evade it and also ways to mitigate the damage without letting the troublemakers win. Fantom ransomware is a devious […]

Read More →