No Image

USN-6303-2: ClamAV vulnerability

2023-08-22 KENNETH 0

USN-6303-2: ClamAV vulnerability USN-6303-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Source: USN-6303-2: ClamAV vulnerability

Bing Chat Enterprise is in preview for Microsoft 365 A3 and A5 licenses for faculty users

2023-08-22 KENNETH 0

Bing Chat Enterprise is in preview for Microsoft 365 A3 and A5 licenses for faculty users Since February, users have been enjoying the new AI-powered Bing and Edge, with Bing Chat available through the Edge sidebar. To address the needs of commercial customers, we then announced Bing Chat Enterprise, which offers AI-powered chat with commercial data protection. Today, we have extended Bing Chat Enterprise eligibility to Microsoft 365 A3 and A5 licenses for faculty. With Bing Chat Enterprise, user and organization data are protected and will not leak outside the organization. What goes in—and comes out—remains protected. Chat data is not saved, and Microsoft has no eyes-on access, which means no one can view user data, and it’s not used to train the models. Education customers who want to enable or opt-out of Bing Chat Enterprise for their employees can [ more… ]

No Image

USN-6303-1: ClamAV vulnerability

2023-08-21 KENNETH 0

USN-6303-1: ClamAV vulnerability It was discovered that ClamAV incorrectly handled parsing HFS+ files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Source: USN-6303-1: ClamAV vulnerability

No Image

USN-6302-1: Vim vulnerabilities

2023-08-21 KENNETH 0

USN-6302-1: Vim vulnerabilities It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2522, CVE-2022-2580, CVE-2022-2817, CVE-2022-2819, CVE-2022-2862, CVE-2022-2889, CVE-2022-2982, CVE-2022-3134) It was discovered that Vim did not properly perform bounds checks in the diff mode in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-2598) It was discovered that Vim did not properly perform bounds checks in certain situations. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2816) It was discovered that Vim [ more… ]

No Image

USN-6267-3: Firefox regressions

2023-08-21 KENNETH 0

USN-6267-3: Firefox regressions USN-6267-1 fixed vulnerabilities and USN-6267-2 fixed minor regressions in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit [ more… ]