Image Source: thestack.com Intel identified eight security vulnerabilities and released security advisory last week, affecting Intel core CPU technologies Intel Management Engine (ME), Server Platform Service (SPS) and Trusted Execution Engine (TXE). These vulnerabilities allow an unauthorized process to access privileged content, attackers with local or remote admin access to the system to execute arbitrary […]

Read More →

A serious security flaw affecting all versions of Microsoft Office has been discovered by security researcher Lino Antonio Buono. The flaw is within the legitimate feature of Microsoft Office allowing malicious actors to create and spreads macro-based self-replicating malware. The flaw takes advantage of fact that a registry key value dictates whether external (or untrusted) macros can […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod ANCOR. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:42781 CVE-2017-7828 Use-after-free vulnerability in Mozilla Firefox and Firefox ESR – CVE-2017-7828 oval:org.secpod.oval:def:42782 CVE-2017-7830 Cross-origin vulnerability in Mozilla Firefox and Firefox ESR – CVE-2017-7830 oval:org.secpod.oval:def:42783 CVE-2017-7826 Memory corruption vulnerability […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:42753 CVE-2017-11882 KB2553204 Security update for Office 2010 – KB2553204 oval:org.secpod.oval:def:42754 CVE-2017-11882 KB3162047 Security update for Office 2013 – KB3162047 oval:org.secpod.oval:def:42755 CVE-2017-11854 KB4011268 Security update for Office 2010 […]

Read More →

Microsoft November 2017 Patch Tuesday addresses 53 security vulnerabilities in six of it’s main product categories. Amoung these 19 CVE’s are rated as Critical, 31 are rated as Important, and 3 are moderate. None of the Windows OS patches are rated as critical, and there are no zero days patched in this month. But according […]

Read More →

Adobe has unleashed security patches for most of its major products in its November security updates. Security updates include products, Adobe Flash Player, Adobe Photoshop CC, Adobe InDesign, Adobe Connect, Adobe Acrobat and Reader, Adobe DNG Converter, Adobe Digital Editions, and Adobe shock player. Total of 83 vulnerabilities have been issued with patch, which includes […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:42687 CVE-2017-11791 Scripting Engine Information Disclosure Vulnerability – CVE-2017-11791 oval:org.secpod.oval:def:42688 CVE-2017-11803 Microsoft Edge Information Disclosure Vulnerability – CVE-2017-11803 oval:org.secpod.oval:def:42689 CVE-2017-11827 Microsoft Browser Memory Corruption Vulnerability – CVE-2017-11827 oval:org.secpod.oval:def:42690 […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:42681 CVE-2017-1000242 Information disclosure vulnerability in Git Client Plugin in Jenkins oval:org.secpod.oval:def:42683 CVE-2017-1000242 Information disclosure vulnerability in Git Client Plugin for Jenkins

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:1600801 ALAS-2017-921 CVE-2017-12171 ALAS-2017-921 —- httpd oval:org.secpod.oval:def:1600802 ALAS-2017-918 CVE-2017-15041 CVE-2017-15042 ALAS-2017-918 —- golang oval:org.secpod.oval:def:1600803 ALAS-2017-919 CVE-2017-1000254 ALAS-2017-919 —- curl oval:org.secpod.oval:def:1600804 ALAS-2017-920 CVE-2017-12166 ALAS-2017-920 —- openvpn oval:org.secpod.oval:def:42677 CVE-2016-8740 Denial […]

Read More →

The following SCAP content has been released to SCAP Repo and SecPod Saner Solution. SecPod Saner will automatically pull the relevant content on its next scheduled update. oval:org.secpod.oval:def:42665 CVE-2017-15398 Stack buffer overflow vulnerability in the QUIC in Google Chrome via unspecified vectors oval:org.secpod.oval:def:42666 CVE-2017-15399 Use after free vulnerability in the V8 in Google Chrome via […]

Read More →