Security

Original release date: August 15, 2019 Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. from CISA Current Activity http://bit.ly/2z0CWsK via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation […]

Original release date: August 14, 2019 Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1 Windows Server 2008 R2 SP1 Windows Server 2012 Windows 8.1 Windows Server 2012 R2 Windows 10 An attacker could exploit these vulnerabilities to take control of an affected system. Similar to CVE-2019-0708—dubbed BlueKeep—these vulnerabilities are considered “wormable” because malware exploiting these vulnerabilities on a system could propagate to other vulnerable systems. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and users and administrators to review the following resources and apply […]

Original release date: August 14, 2019 The fifth and final step in the Internal Revenue Service (IRS) Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of understanding the risks posed by national and international cybersecurity criminal syndicates, working with cybersecurity experts to help prevent and stop data theft, and reporting data theft as soon as possible. Creating a data theft recovery plan is part of the Taxes. Security. Together. Checklist, which IRS created to help tax professionals protect sensitive taxpayer data. The Cybersecurity and Infrastructure Security Agency […]

Original release date: August 14, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service (DoS) condition. Attacks can consume excessive system resources and lead to distributed DoS (DDoS) attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#605641 for more information and refer to vendors for updates. This product is provided subject to this Notification and this Privacy & Use policy. from CISA Current Activity http://bit.ly/308L4Uk via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided […]

Original release date: August 13, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s August 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from CISA Current Activity http://bit.ly/2YNMvLa via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement […]

Original release date: August 13, 2019 Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: RAID Web Console 2 Advisory INTEL-SA-00246 NUC Advisory INTEL-SA-00272 Authenticate Advisory INTEL-SA-00275 Driver and Support Assistant Advisory INTEL-SA-00276 Remote Displays SDK Advisory INTEL-SA-00277 Processor Identification Utility for Windows Advisory INTEL-SA-00281 Computing Improvement Program Advisory INTEL-SA-00283 This product is provided subject to this […]

Original release date: August 13, 2019 Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: RAID Web Console 2 Advisory INTEL-SA-00246 NUC Advisory INTEL-SA-00272 Authenticate Advisory INTEL-SA-00275 Driver and Support Assistant Advisory INTEL-SA-00276 Remote Displays SDK Advisory INTEL-SA-00277 Processor Identification Utility for Windows Advisory INTEL-SA-00281 Computing Improvement Program Advisory INTEL-SA-00283 This product is provided subject to this […]

Original release date: August 13, 2019 Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates: After Effects CC APSB19-31 Character Animator CC APSB19-32 Premiere Pro CC APSB19-33  Prelude CC APSB19-35 Creative Cloud Desktop Application APSB19-39 Acrobat and Reader APSB19-41 Experience Manager APSB19-42 Photoshop CC APSB19-44     This product is provided subject to this Notification and this Privacy & Use policy. […]