SECURITY

No Image

MS16-123 – Important: Security Update for Windows Kernel-Mode Drivers (3192892) – Version: 1.0

2016-10-12 KENNETH 0

MS16-123 – Important: Security Update for Windows Kernel-Mode Drivers (3192892) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that could exploit the vulnerabilities and take control of an affected system. Source: MS16-123 – Important: Security Update for Windows Kernel-Mode Drivers (3192892) – Version: 1.0

No Image

MS16-121 – Important: Security Update for Microsoft Office (3194063) – Version: 1.0

2016-10-12 KENNETH 0

MS16-121 – Important: Security Update for Microsoft Office (3194063) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (October 11, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Office. An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Source: MS16-121 – Important: Security Update for Microsoft Office (3194063) – Version: 1.0

No Image

MS16-118 – Critical: Cumulative Security Update for Internet Explorer (3192887) – Version: 1.0

2016-10-12 KENNETH 0

MS16-118 – Critical: Cumulative Security Update for Internet Explorer (3192887) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (October 11, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: MS16-118 – Critical: Cumulative Security Update for Internet Explorer (3192887) – Version: 1.0

No Image

USN-3099-3: Linux kernel (Raspberry Pi 2) vulnerabilities

2016-10-11 KENNETH 0

USN-3099-3: Linux kernel (Raspberry Pi 2) vulnerabilities Ubuntu Security Notice USN-3099-3 11th October, 2016 linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Vladimír Beneš discovered an unbounded recursion in the VLAN and TEBGeneric Receive Offload (GRO) processing implementations in the Linuxkernel, A remote attacker could use this to cause a stack corruption,leading to a denial of service (system crash). (CVE-2016-7039) Marco Grassi discovered a use-after-free condition could occur in the TCPretransmit queue handling code in the Linux kernel. A local attacker coulduse this to cause a denial of service (system crash) or possibly executearbitrary code. (CVE-2016-6828) Pengfei Wang discovered a race condition in the Adaptec AAC RAID controllerdriver in the Linux kernel [ more… ]