Category Archives: Vulnerability Assessment

Microsoft Fixes Over Seventy Flaws Including IE Zero-Day

Microsoft fixes more than seventy flaws comprising of an Internet Explorer vulnerability that Google analysts have detected being exploited in threats. The zero-day flaw is trailed as CVE-2019-0676 and it has been narrated by Microsoft as an information revelation issue that presents due to the procedure Internet Explorer manages objects in memory.

Continue reading

Different Open Source Container Systems Affected

A security flaw that impacts various open source container management systems, containing  Amazon Elastic Container Service and Amazon Linux, has been revealed by AWS.

Security analyst, Adam Iwaniuk identified the flaws reportedly, Aleksa Sarai and Borys Poplawski would permit an actor along with very less user action to “overwrite the host runc binary and thus gain root-level code execution on the host.”

Continue reading

Severe Code Execution Vulnerability Discovered in OpenOffice

An analyst has detected a severe distant code execution flaw impacting the open-source productivity suites likely Apache OpenOffice and LibreOffice, however a fix has merely been announced for the former.

Researcher named Alex Inführ identified that a harmful attacker could employ particularly crafted documents to implement absolute code without any alerting message being observed by the sufferer. The entire targeted user requires to perform is open a harmful ODT file and take the mouse anyplace over the document.

Continue reading

WordPress Plugin Impacted By Several Zero-Day Vulnerabilities

Wordfence security analysts reported that the total donations of commercial WordPress plugin is influenced by numerous Zero-Day flaws  that are being vigorously exploited in threats.

The crucial flaws influenced entire famous versions of the WordPress plugin, containing version 2.0.5, and permit harmful attackers to acquire administrative access to impact WordPress websites. Due to unavailability of response from the developers of the plugin, the clients are considered to entirely eliminate the plugin from their installations. Total Donations is aimed to make the online donations receiving easily and offers the choice to website owners for viewing the progress bars and handle the tasks and campaigns accordingly.

Continue reading

Review on Last Week’s Security Vulnerabilities

A review over last week’s major security vulnerabilities are mentioned here for the readers so that they may get the opportunity to read them if anyone missed previously. Such vulnerabilities took place and have affected various companies in different ways. Ultimately, necessary steps were taken by the affected companies to resolve the sort of security vulnerabilities accordingly.

Continue reading

Serious Flaw in Intel’s Software Guard Extensions Technology

While admins were engaged arguing with the aggregate of security fixes from SAP, Microsoft, and Adobe and last week Intel moved quietly a patch for a possibly critical vulnerability in its Software Guard Extensions technology.

The update of Chipzilla describes CVE-2018-18098, an problem Intel narrates as an inappropriate file confirmation that can be employed on Windows systems to step up rights. The security error can be leveraged in effect by malware functioning on a system, logged-in users, to acquire administrator privileges  and take over a vulnerable box.

Continue reading

A Review Over Past Week Security Flaws

Various companies had experienced different security flaws last week and people living across the world had also suffered a lot being a part of such companies. The readers will get the opportunity to get a slight review over some of the major identified security flaws that took place the previous week and got affected along with certain organization. The affected companies took necessary steps in resolving the security flaws.

Continue reading