Tag Archives: Patch

Update Samba Servers Immediately to Patch Password Reset and DoS Vulnerabilities

Samba maintainers have just released new versions of their networking software to patch two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users’ passwords, including admin’s.

Samba is open-source software (re-implementation of SMB networking protocol) that runs on the majority of operating systems available

Keep your drivers up to date without taxing your PC

Drivers have access to your entire Windows PC, which makes them malware targets – as it was the case with keyloggers hiding within audio drivers on laptops. Such attacks are often based on software vulnerabilities which should be patched as soon as an update becomes available. However, with most vendors this does not happen automatically. […]

The post Keep your drivers up to date without taxing your PC appeared first on Avira Blog.

Read More

Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities


Microsoft’s Patch Tuesday for this month falls the day before the most romantic day of the year.

Yes, it’s Valentine’s, and the tech giant has released its monthly security update for February 2018, addressing a total of 50 CVE-listed vulnerabilities in its Windows operating system, Microsoft Office, web browsers and other products.

Fourteen of the security updates are listed as critical, 34 are rated as important, and 2 of them are rated as moderate in severity.

The critical update patches serious security flaws in Edge browser and Outlook client, an RCE in Windows’ StructuredQuery component, and several memory corruption bugs in the scripting engines used by Edge and Internet Explorer.

Critical Microsoft Outlook Vulnerability

One of the most severe bugs includes a memory corruption vulnerability (CVE-2018-0852) in Microsoft Outlook, which can be exploited to achieve remote code execution on the targeted machines.

In order to trigger the vulnerability, an attacker needs to trick a victim into opening a maliciously crafted message attachment or viewing it in the Outlook Preview Pane. This would allow the arbitrary code inside the malicious attachment to execute in the context of the victim’s session.

If the victim is logged on with administrative user rights, the attacker could take control of the affected system, eventually allowing them to install programs, create new accounts with full user rights, or view, change or delete data.

“What’s truly frightening with this bug is that the Preview Pane is an attack vector, which means simply viewing an email in the Preview Pane could allow code execution,” explained the Zero Day Initiative (ZDI).

“The end user targeted by such an attack doesn’t need to open or click on anything in the email – just view it in the Preview Pane. If this bug turns into active exploits – and with this attack vector, exploit writers will certainly try – unpatched systems will definitely suffer.”

The second Outlook vulnerability (CVE-2018-0850), rated as important, is a privilege escalation flaw that can be leveraged to force the affected version of Outlook to load a message store over SMB from a local or remote server.

Attackers can exploit the vulnerability by sending a specially crafted email to an Outlook user, and since the bug can be exploited when the message is merely received (before it is even opened), the attack could take place without any user interaction.

“Outlook would then attempt to open a pre-configured message store contained in the email upon receipt of the email,” Microsoft explains in its advisory. “This update addresses the vulnerability by ensuring Office fully validates incoming email formatting before processing message content.”

Both the Outlook vulnerabilities have been discovered and reported to the tech giant by Microsoft’s researcher Nicolas Joly and former Pwn2Own winner.

Critical Microsoft Edge Vulnerability

Another critical flaw, which is an information disclosure vulnerability (CVE-2018-0763), resides in Microsoft Edge that exists due to Microsoft Edge’s improperly handling of objects in the memory.

An attacker can exploit this vulnerability to successfully obtain sensitive information to compromise the victim’s machine further.

“To exploit the vulnerability, in a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability,” Microsoft explains.

“However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could trick a user into clicking a link that takes the user to the attacker’s site.”

Other critical issues include several Scripting Engine Memory Corruption vulnerabilities in Microsoft Edge that could be exploited to achieve remote code execution in the context of the current user.

Microsoft Edge flaw (CVE-2018-0839), rated as important, is an information disclosure vulnerability that exists due to Microsoft Edge improper handling of objects in the memory.

Successful exploitation of the bug could allow attackers to obtain sensitive information to compromise the user’s system further.

Internet Explorer also got a patch to address an information disclosure vulnerability (CVE-2018-0847), rated important, that would let a webpage use VBScript to fetch stored information from memory.

Publicly Disclosed Vulnerability Before Being Patched

Although the list of patched vulnerabilities does not include any zero-day flaws, one of the security flaws (CVE-2018-0771) in Microsoft Edge was publicly known before the company released patches, but was not listed as being under active attack.

Listed as Moderate, the issue is a Same-Origin Policy (SOP) bypass vulnerability which occurs due to Microsoft Edge’s improper handling of requests of different origins.

The vulnerability could allow an attacker to craft a webpage to bypass the SOP restrictions and get the browser to send data from other sites–requests that should otherwise be ignored due to the SOP restrictions on place.

Meanwhile, Adobe on Tuesday also released security updates for its Acrobat, Reader and Experience Manager products to address a total of 41 security vulnerabilities, out of which 17 are rated as critical and 24 important in severity.

Users are strongly advised to apply security patches as soon as possible to keep hackers and cybercriminals away from taking control of their computers.

For installing security updates, simply head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.

Critical Oracle Micros POS Flaw Affects Over 300,000 Payment Systems


Oracle has released a security patch update to address a critical remotely exploitable vulnerability that affects its MICROS point-of-sale (POS) business solutions for the hospitality industry.

The fix has been released as part of Oracle’s January 2018 update that patches a total of 238 security vulnerabilities in its various products.

According to public disclosure by ERPScan, the security firm which discovered and reported this issue to the company, Oracle’s MICROS EGateway Application Service, deployed by over 300,000 small retailers and business worldwide, is vulnerable to directory traversal attack.

If exploited, the vulnerability (CVE-2018-2636) could allow attackers to read sensitive data and receive information about various services from vulnerable MICROS workstations without any authentication.

Using directory traversal flaw, an unauthorized insider with access to the vulnerable application could read sensitive files from the MICROS workstation, including service logs and configuration files.

As explained by the researchers, two such sensitive files stored within the application storage—SimphonyInstall.xml or Dbconfix.xml—contain usernames and encrypted passwords for connecting to the database.

“So, the attacker can snatch DB usernames and password hashes, brute them and gain full access to the DB with all business data. There are several ways of its exploitation, leading to the whole MICROS system compromise,” the researchers warned. 

“If you believe that gaining access to POS URL is a snap, bear in mind that hackers can find digital scales or other devices that use RJ45, connect it to Raspberry PI, and scan the internal network. That is where they easily discover a POS system. Remember this fact when you pop into a store.”

ERPScan has also released a proof-of-concept Python-based exploit, which, if executed on a vulnerable MICROS server, would send a malicious request to get the content of sensitive files in response.

Besides this, Oracle’s January 2018 patch update also provides fixes for Spectre and Meltdown Intel processor vulnerabilities affecting certain Oracle products.

Update Your Firefox Browser to Fix a Critical Remotely Exploitable Flaw


Mozilla has released an important update for its Firefox web browser to patch a critical vulnerability that could allow remote attackers to execute malicious code on computers running an affected version of the browser.

The update comes just a week after the company rolled out its new Firefox Quantum browser, a.k.a Firefox 58, with some new features like improved graphics engine and performance optimizations and patches for more than 30 vulnerabilities.

According to a security advisory published by Cisco, Firefox 58.0.1 addresses an ‘arbitrary code execution’ flaw that originates due to ‘insufficient sanitization’ of HTML fragments in chrome-privileged documents (browser UI).

Hackers could exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim’s computer just by tricking them into accessing a link or ‘opening a file that submits malicious input to the affected software.’

“A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely,” the advisory states.

This could allow an attacker to install programs, create new accounts with full user rights, and view, change or delete data.

However, if the application has been configured to have fewer user rights on the system, the exploitation of this vulnerability could have less impact on the user.

Affected web browser versions include Firefox 56 (.0, .0.1, .0.2), 57 (.0, .0.1, .0.2, .0.3, .0.4), and 58 (.0). The vulnerability has been addressed in Firefox 58.0.1, and you can download from the company’s official website.

The issue, which was discovered by Mozilla developer Johann Hofmann, does not affect Firefox browser for Android and Firefox 52 ESR.

Users are recommended to apply the software updates before hackers exploit this issue, and avoid opening links provided in emails or messages if they appear from suspicious or unrecognized sources.

Administrators are also advised to use an unprivileged account when browsing the Internet and monitor critical systems.

Don’t be afraid of a ‘Meltdown’ with the new Microsoft update

Don’t be afraid of a ' Meltdown ' with the new Microsoft update

Don’t be afraid of a ‘Meltdown’ with the new Microsoft update
Avira is fully compatible with the new Microsoft patch for the Meltdown vulnerability

The Meltdown hardware vulnerability lets a hacker misuse a program so they can see what other programs and the operating system are doing, giving them the ability to see things like saved passwords or browser history. Microsoft has rolled out its patch — and Avira is fully compatible with it.

The post Don’t be afraid of a ‘Meltdown’ with the new Microsoft update appeared first on Avira Blog.

Read More

Patch Tuesday: Microsoft Releases Update to Fix 53 Vulnerabilities


It’s Patch Tuesday—time to update your Windows devices.

Microsoft has released a large batch of security updates as part of its November Patch Tuesday in order to fix a total of 53 new security vulnerabilities in various Windows products, 19 of which rated as critical, 31 important and 3 moderate.

The vulnerabilities impact the Windows OS, Microsoft Office, Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, .NET Core, and more.

At least four of these vulnerabilities that the tech giant has now fixed have public exploits, allowing attackers to exploit them easily. But fortunately, none of the four are being used in the wild, according to Gill Langston at security firm Qualys.

The four vulnerabilities with public exploits identified by Microsoft as CVE-2017-8700 (an information disclosure flaw in ASP.NET Core), CVE-2017-11827 (Microsoft browsers remote code execution), CVE-2017-11848 (Internet Explorer information disclosure) and CVE-2017-11883 (denial of service affecting ASP.NET Core).

Potentially Exploitable Security Vulnerabilities

What’s interesting about this month’s patch Tuesday is that none of the Windows OS patches are rated as Critical. However, Device Guard Security Feature Bypass Vulnerability (CVE-2017-11830) and Privilege Elevation flaw (CVE-2017-11847) are something you should focus on.

Also, according to an analysis of Patch Tuesday fixes by Zero-Day Initiative, CVE-2017-11830 and another flaw identified as CVE-2017-11877 can be exploited to spread malware.

“CVE-2017-11830 patches a Device Guard security feature bypass vulnerability that would allow malware authors to falsely authenticated files,” Zero-Day Initiative said.

“CVE-2017-11877 fixes an Excel security feature bypass vulnerability that fails to enforce macro settings, which are often used by malware developers.”

The tech giant also fixed six remote code execution vulnerabilities exist “in the way the scripting engine handles objects in memory in Microsoft browsers.”

Microsoft identified these vulnerabilities as CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, which could corrupt memory in such a way that attackers could execute malicious code in the context of the current user.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website,” Microsoft said. “These websites could contain specially crafted content that could exploit the vulnerability.” 

17-Year-Old MS Office Flaw Lets Hackers Install Malware

Also, you should be extra careful when opening files in MS Office.

All versions of Microsoft Office released in the past 17 years found vulnerable to remote code execution flaw (CVE-2017-11882) that works against all versions of Windows operating system, including the latest Microsoft Windows 10 Creators Update.

However, due to improper memory operations, the component fails to properly handle objects in the memory, corrupting it in such a way that the attacker could execute malicious code in the context of the logged-in user.

Exploitation of this vulnerability requires opening a specially crafted malicious file with an affected version of Microsoft Office or Microsoft WordPad software, which could allow attackers to remotely install malware on targeted computers.

Adobe Patch Tuesday: Patches 62 Vulnerabilities

Besides fixing vulnerabilities in its various products, Microsoft has also released updates for Adobe Flash Player.

These updates correspond with Adobe Update APSB17-33, which patches 62 CVEs for Acrobat and Reader alone. So, Flash Player users are advised to ensure that they update Adobe across their environment to stay protected.

It should also be noted that last Patch Tuesday, Microsoft quietly released the patch for the dangerous KRACK vulnerability (CVE-2017-13080) in the WPA2 wireless protocol.

Therefore, users are also recommended to make sure that they have patched their systems with the last month’s security patches.

Alternatively, users are strongly advised to apply November security patches as soon as possible in order to keep hackers and cybercriminals away from taking control of their computers.

For installing security updates, just head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.

Your data may have already been stolen

Don’t worry about keeping your data secure – It’s already been stolen - Equifax data breach

You might expect that the Internal Revenue Service (IRS) of the US would be worried that the recent Equifax data breach would set off an avalanche of fraudulent tax filings. They aren’t. In fact, they believe a “significant” number of the estimated 145 million victims of the Equifax breach have already had their private data […]

The post Your data may have already been stolen appeared first on Avira Blog.

Read More

For the want of a patch, the data was lost

For the want of a patch, the data was lost

Nursery rhymes nail it — from a horse’s shoe to a missed batch at Equifax leaking the private data on millions of people.

The post For the want of a patch, the data was lost appeared first on Avira Blog.

Read More