[월:] 2022년 03월

No Image

Forts of the Forgotten – free Sea of Thieves’ Adventure – available now through April 7

2022-03-25 KENNETH 0

Forts of the Forgotten – free Sea of Thieves’ Adventure – available now through April 7 Sea of Thieves’ second story-driven Adventure, Forts of the Forgotten, is now live and will be available until April 7. “Rally your crew, rendezvous with Belle and set sail for the Sea Forts pulled through from the Sea of the Damned by Captain Flameheart,” writes Mike Chapman, creative director at Rare, in a post on Xbox Wire. “Expect heavy resistance from a Phantom phalanx as you battle through these ghostly fortifications to rescue the missing inhabitants of Golden Sands Outpost!” Forts of the Forgotten is available for free to all Sea of Thieves players who have bought the game on Windows PCs, Xbox Series X|S, Xbox One or via Steam, or players who have access to it with Xbox Game Pass. Simply download and [ more… ]

No Image

USN-5321-3: Firefox regressions

2022-03-25 KENNETH 0

USN-5321-3: Firefox regressions USN-5321-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Source: USN-5321-3: Firefox regressions

No Image

USN-5347-1: OpenVPN vulnerability

2022-03-24 KENNETH 0

USN-5347-1: OpenVPN vulnerability It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials. Source: USN-5347-1: OpenVPN vulnerability

No Image

USN-5346-1: Linux kernel (OEM) vulnerability

2022-03-24 KENNETH 0

USN-5346-1: Linux kernel (OEM) vulnerability It was discovered that the ICMPv6 implementation in the Linux kernel did not properly deallocate memory in certain situations. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). Source: USN-5346-1: Linux kernel (OEM) vulnerability

No Image

USN-5345-1: Thunderbird vulnerabilities

2022-03-24 KENNETH 0

USN-5345-1: Thunderbird vulnerabilities Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, cause undefined behaviour, spoof the browser UI, or execute arbitrary code. (CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384) It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions. (CVE-2022-22754) It was discovered that dragging and dropping an image into a folder could result in it being marked as executable. If a user were tricked into dragging and dropping a specially crafted image, an attacker could potentially [ more… ]