Microsoft September 2017 Patch Tuesday released total of 94 individual security updates addressing total of 84 CVE’s, in addition to the 2 vulnerabilities for Adobe Flash Player. Among these, 27 are rated as Critical, 54 are rated as Important, and 2 are rated as moderate. September Security Update includes patches for 39 vulnerabilities leading to RCE […]

Read More →

WannaCry (also known as Wana Decrypt0r 2.0, Wannacryptor, WannaCrypt, wana Decryptor) ransomware disrupts 2-3 millions of devices around 150 countries, taking important files as a hostage and demanding a ransom of $600 worth of bitcoins. The ransomware is found to be using the old SMB vulnerability (MS17-010 released in April 2017) to spread across devices. There was no second doubt […]

Read More →

The Model-View-Framework Apache Struts2, an open source and free framework for simplifying the creation of web applications in Java has been recently patched to mitigate a zero day vulnerability. Apache Struts2 is been affected with a new vulnerability which is being actively exploited in the wild. The vulnerability is a possible Remote Code Execution which […]

Read More →

(Image source: WordPress ) WordPress the easiest, one of the most powerful blogging and website content management system has silently fixed a dangerous vulnerability in WordPress REST API Endpoint which was recently added to WordPress version 4.7.0 and enabled by default. The REST API has been affected by an unauthenticated privilege escalation vulnerability, that could possibly lead to […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:501887 CVE-2016-5195 RHSA-2016:2105-01 RHSA-2016:2105-01 — Redhat kernel, perf oval:org.secpod.oval:def:703327 CVE-2016-1247 USN-3114-1 USN-3114-1 — nginx vulnerability oval:org.secpod.oval:def:703328 CVE-2016-5584 CVE-2016-7440 USN-3109-1 USN-3109-1 — mysql vulnerabilities oval:org.secpod.oval:def:703329 CVE-2016-1245 USN-3110-1 USN-3110-1 — quagga […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:37827 CVE-2016-4662 Arbitrary code execution vulnerability in AppleGraphicsControl in Apple Mac OS X – CVE-2016-4662 oval:org.secpod.oval:def:37836 CVE-2016-4682 Information disclosure vulnerability in ImageIO in Apple Mac OS X – CVE-2016-4682 […]

Read More →