Mozilla released Vulnerability-related.PatchVulnerability nine fixes in its Wednesday launch of Firefox 62 for Windows , Mac and Android – including one for a critical glitch that could enable attackers to run arbitrary code . Overall , the latest version of the Firefox browser included Vulnerability-related.PatchVulnerability fixes for the critical issue , three high-severity flaws , two moderate problems and three low-severity vulnerabilities . Topping the list is a memory safety bug ( CVE-2018-12376 ) , discovered Vulnerability-related.DiscoverVulnerability by a number of Mozilla developers and community members . A critical impact bug means the vulnerability can be used to run attacker code and install software , requiring no user interaction beyond normal browsing , according to Mozilla . The memory safety problem , which exists in Vulnerability-related.DiscoverVulnerability Firefox 61 and Firefox ESR 60 , meets these criteria , researchers said Vulnerability-related.DiscoverVulnerability . Mozilla didn ’ t release further details , but it did assign one CVE Vulnerability-related.DiscoverVulnerability to represent multiple similar issues . In addition to the memory safety bug ( s ) , Mozilla also fixed Vulnerability-related.PatchVulnerability three high-severity vulnerabilities in its latest update . These include a use-after-free glitch in refresh driver timers ( CVE-2018-12377 ) , which power browser-page refreshes . Another high-severity bug ( CVE-2018-12378 ) is a use-after-free vulnerability that occurs Vulnerability-related.DiscoverVulnerability when an IndexedDB index ( a low-level API for client-side storage of significant amounts of structured data ) is deleted while still in use by JavaScript code providing payload values . “ This results in a potentially exploitable crash , ” the advisory said . Mozilla developers and community members also found Vulnerability-related.DiscoverVulnerability a memory-safety bug ( CVE-2018-12375 ) in Firefox 61 , which showed evidence of memory corruption and could be exploited Vulnerability-related.DiscoverVulnerability to run arbitrary code , according to the advisory . The moderate and low-severity fixes that were deployed Vulnerability-related.PatchVulnerability in Firefox 62 include patches for an out-of-bounds write flaw ( triggered when the Mozilla Updater opens a MAR format file that contains a very long item filename ) ; and a proxy bypass glitch in the browser ’ s proxy settings . Firefox 62 for desktop is available Vulnerability-related.PatchVulnerability for download on Mozilla ’ s website .

11th December was Microsoft ’ s December 2018 Patch Tuesday , which means users had to update Vulnerability-related.PatchVulnerability their computers to be protected from the latest threats to Windows and Microsoft products . Microsoft has fixed Vulnerability-related.PatchVulnerability 39 vulnerabilities , with 10 of them being labeled as Critical . Keeping up with its December 2018 Patch Tuesday , Microsoft announced Vulnerability-related.DiscoverVulnerability on its blog that a vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) . There was not much information provided to the customers about how and when this vulnerability was discovered Vulnerability-related.DiscoverVulnerability . The following details were released by Microsoft : The Exploit Microsoft Windows is prone Vulnerability-related.DiscoverVulnerability to a heap-based buffer-overflow vulnerability . A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) servers when they fail to properly handle requests . An attacker who successfully exploits Vulnerability-related.DiscoverVulnerability this issue may execute arbitrary code within the context of the affected application . Microsoft states that failed exploit attempts will result in a denial-of-service condition . Windows servers that are configured as DNS servers are at risk from this vulnerability . Affected Systems Find a list of the affected systems on Microsoft ’ s Blog . The company has also provided Vulnerability-related.PatchVulnerability users with security updates for the affected systems . Workarounds and Mitigations As of today , Microsoft has not identified any workarounds or mitigations for the affected systems . Jake Williams , the founder of Rendition Security and Rally security , posted an update on Twitter about the issue , questioning why there is no sufficient discussion among the infosec community about the matter .

11th December was Microsoft ’ s December 2018 Patch Tuesday , which means users had to update Vulnerability-related.PatchVulnerability their computers to be protected from the latest threats to Windows and Microsoft products . Microsoft has fixed Vulnerability-related.PatchVulnerability 39 vulnerabilities , with 10 of them being labeled as Critical . Keeping up with its December 2018 Patch Tuesday , Microsoft announced Vulnerability-related.DiscoverVulnerability on its blog that a vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) . There was not much information provided to the customers about how and when this vulnerability was discovered Vulnerability-related.DiscoverVulnerability . The following details were released by Microsoft : The Exploit Microsoft Windows is prone Vulnerability-related.DiscoverVulnerability to a heap-based buffer-overflow vulnerability . A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability Windows Domain Name System ( DNS ) servers when they fail to properly handle requests . An attacker who successfully exploits Vulnerability-related.DiscoverVulnerability this issue may execute arbitrary code within the context of the affected application . Microsoft states that failed exploit attempts will result in a denial-of-service condition . Windows servers that are configured as DNS servers are at risk from this vulnerability . Affected Systems Find a list of the affected systems on Microsoft ’ s Blog . The company has also provided Vulnerability-related.PatchVulnerability users with security updates for the affected systems . Workarounds and Mitigations As of today , Microsoft has not identified any workarounds or mitigations for the affected systems . Jake Williams , the founder of Rendition Security and Rally security , posted an update on Twitter about the issue , questioning why there is no sufficient discussion among the infosec community about the matter .

Troubled browser has once again come under attack , with flaw discovered Vulnerability-related.DiscoverVulnerability in multiple versions of Internet Explorer . Microsoft has been forced to issue Vulnerability-related.PatchVulnerability an emergency security patch for its Internet Explorer browser . The release came after Google security engineer Clement Lecigne uncovered Vulnerability-related.DiscoverVulnerability a critical vulnerability in several versions of Microsoft 's browser , and could have been activated simply by directing users to a malicious website The flaw , known as CVE-2018-8653 , affects Vulnerability-related.DiscoverVulnerability Internet Explorer 9 , 10 and 11 , with the update issued Vulnerability-related.PatchVulnerability to Windows 7 , 8.1 and 10 versions , as well as Windows Server 2008 , 2012 , 2016 and 2019 . `` A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability the way that the scripting engine handles objects in memory in Internet Explorer , '' Microsoft stated in its support document for the threat . `` The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user . '' The company has issued Vulnerability-related.PatchVulnerability a fix for the flaw now , outside of its typical Patch Tuesday security cycle , signifying it is a significant threat and should be patched Vulnerability-related.PatchVulnerability immediately . Microsoft has gradually retired Internet Explorer from public view over the past few years as it focuses on its newer browser Edge , with only customised versions available to certain business users . The company may also be about to pull the plug on Edge as well , with report recently confirming Microsoft is set to introduce a new browser built on Google 's Chromium platform .

Microsoft has issued Vulnerability-related.PatchVulnerability an emergency , out-of-band patch for an Internet Explorer zero-day that was being actively exploited Vulnerability-related.DiscoverVulnerability in targeted attacks . The company says that it learned about the vulnerability through a report from Google . CVE-2018-8653 affects Vulnerability-related.DiscoverVulnerability a range of versions of Internet Explorer from 9 to 11 , across Windows 7 to 10 and Windows Server . The vulnerability amounts to a remote code execution exploit , and it was first spotted Vulnerability-related.DiscoverVulnerability by Google 's Threat Analysis Group . Microsoft explains Vulnerability-related.DiscoverVulnerability that a problem with Internet Explorer 's scripting engine could be exploited Vulnerability-related.DiscoverVulnerability by an attacker to execute arbitrary code on a victim 's computer . In a short security advisory , the company says : Today , we released Vulnerability-related.PatchVulnerability a security update for Internet Explorer after receiving a report Vulnerability-related.DiscoverVulnerability from Google about a new vulnerability being used in targeted attacks . Customers who have Windows Update enabled and have applied Vulnerability-related.PatchVulnerability the latest security updates , are protected automatically . We encourage customers to turn on automatic updates . Microsoft would like to thank Google for their assistance . In a more detailed security vulnerability posting , Microsoft explains the impact of the problem : A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability the way that the scripting engine handles objects in memory in Internet Explorer . The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user . An attacker who successfully exploited Vulnerability-related.DiscoverVulnerability the vulnerability could gain the same user rights as the current user . If the current user is logged on with administrative user rights , an attacker who successfully exploited Vulnerability-related.DiscoverVulnerability the vulnerability could take control of an affected system . An attacker could then install programs ; view , change , or delete data ; or create new accounts with full user rights . In a web-based attack scenario , an attacker could host a specially crafted website that is designed Attack.Phishing to exploit the vulnerability through Internet Explorer and then convince Attack.Phishing a user to view the website , for example , by sending Attack.Phishing an email . The security update addresses Vulnerability-related.PatchVulnerability the vulnerability by modifying Vulnerability-related.PatchVulnerability how the scripting engine handles objects in memory .

Microsoft issued Vulnerability-related.PatchVulnerability numerous bug fixes on its most recent Patch Tuesday , but according to the security firm 0patch , there were issues with one of the flaws for a critical vulnerability . The vulnerability in question Vulnerability-related.DiscoverVulnerability , ( CVE-2018-8423 ) , is a memory corruption vulnerability that exists in Vulnerability-related.DiscoverVulnerability the Jet Database Engine that , when exploited Vulnerability-related.DiscoverVulnerability , allows for remote code execution . 0patch noticed that the patch Microsoft had issued Vulnerability-related.PatchVulnerability was flawed as a result of studying the official patch of the Jet Database Engine and a “ micropatch ” that the security researchers had created for the same flaw . They explain this revelation as follows : As expected , the update brought a modified msrd3x40.dll binary : this is the binary with the vulnerability , which we had micropatched with 4 CPU instructions ( one of which was just for reporting purposes ) . The version of msrd3x40.dll changed from 4.0.9801.0 to 4.0.9801.5 and of course , its cryptographic hash also changed - which resulted in our micropatch for this issue no longer getting applied to msrd3x40.dll . So far so good , but the problems became glaring once further analysis began : We BinDiff-ed the patched msrd3x40.dll to its vulnerable version and reviewed the differences . At this point we will only state that we found the official fix to be slightly different to our micropatch , and unfortunately in a way that only limited the vulnerability instead of eliminating it . We promptly notified Microsoft about it and will not reveal further details or proof-of-concept until they issue Vulnerability-related.PatchVulnerability a correct fix . It may be a little frustrating to not know what the problem is from a tech journalist ’ s perspective , but as I am also an “ ethical ” hacker , I totally understand the lack of disclosure on the part of both Microsoft and 0patch . If the flaw is not public knowledge and has not been patched Vulnerability-related.PatchVulnerability , it makes no sense to hand a cybercriminal the keys to Windows user ’ s machines . What this story shows is how vital the relationship between third-party security researchers and vendors . Without the due diligence of first Trend Micro ’ s ZDI discovering Vulnerability-related.DiscoverVulnerability the original flaw , and then 0patch uncovering Vulnerability-related.DiscoverVulnerability the secondary flaw in the patch , Microsoft and their customers would be exposed to hackers with bad intentions .

Microsoft has seen Vulnerability-related.DiscoverVulnerability its share of issues as of late , and now a seemingly simple patch is causing serious issues to certain laptops running the 2016 Anniversary Update . The update was originally released Vulnerability-related.PatchVulnerability to prevent a zero-day attack on IE . Per Microsoft , this was the issue being fixed Vulnerability-related.PatchVulnerability : A remote code execution vulnerability exists in Vulnerability-related.DiscoverVulnerability the way that the scripting engine handles objects in memory in Internet Explorer . The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user . An attacker who successfully exploited Vulnerability-related.DiscoverVulnerability the vulnerability could gain the same user rights as the current user . If the current user is logged on with administrative user rights , an attacker who successfully exploited Vulnerability-related.DiscoverVulnerability the vulnerability could take control of an affected system . An attacker could then install programs ; view , change , or delete data ; or create new accounts with full user rights . In a web-based attack scenario , an attacker could host a specially crafted website that is designed Attack.Phishing to exploit the vulnerability through Internet Explorer and then convince Attack.Phishing a user to view the website , for example , by sending Attack.Phishing an email . The security update addresses Vulnerability-related.PatchVulnerability the vulnerability by modifying how the scripting engine handles objects in memory . But now that fix is causing a pretty big problem of its own : it ’ s preventing certain laptops from booting . The affected machines are part of a pretty small bunch—only Lenovo laptops with less than 8 GB of RAM running the 2016 Anniversary Update ( 1607 ) —but it ’ s still a pretty bad problem to have . Fortunately , there ’ s a way to bypass the failed boot by restarting into the UEFI and disabling Secure Boot . It ’ s also noted that if BitLocker is enabled that you may have to go through BitLocker recovery after disabling Secure Boot . On the upside , Microsoft is working with Lenovo to correct Vulnerability-related.PatchVulnerability the issue and will release Vulnerability-related.PatchVulnerability a fix sometime in the future . I just wouldn ’ t count on it before the end of the year . Until then , be careful when updating devices , especially if they happen to be Lenovo laptops with limited RAM .

Overall , the chip giant patched Vulnerability-related.PatchVulnerability five vulnerabilities across an array of its products . Intel on Tuesday patched Vulnerability-related.PatchVulnerability three high-severity vulnerabilities that could allow the escalation of privileges across an array of products . Overall , the chip giant fixed Vulnerability-related.PatchVulnerability five bugs – three rated high-severity , and two medium-severity . The most concerning of these bugs is an escalation-of-privilege glitch in Intel ’ s PROset/Wireless Wi-Fi software , which is its wireless connection management tool . The vulnerability , CVE-2018-12177 , has a “ high ” CVSS score of 7.8 , according to Intel ’ s update . “ Intel is releasing Vulnerability-related.PatchVulnerability software updates to mitigate Vulnerability-related.PatchVulnerability this potential vulnerability , ” it said , urging users to update Vulnerability-related.PatchVulnerability to version 20.90.0.7 or later of the software . The vulnerability , reported Vulnerability-related.DiscoverVulnerability by Thomas Hibbert of Insomnia Security , stems from improper directory permissions plaguing the software ’ s ZeroConfig service in versions before 20.90.0.7 . The issue could allow an authorized user to potentially enable escalation of privilege via local access . The other high-severity bug exists in Vulnerability-related.DiscoverVulnerability the company ’ s System Support Utility for Windows , which offers support for Intel-packed Windows device users . This bug ( CVE-2019-0088 ) is due to insufficient path checking in the support utility , allowing an already-authenticated user to potentially gain escalation of privilege via local access . The vulnerability has a CVSS score of 7.5 . Versions of System Support Utility for Windows before 2.5.0.15 are impacted Vulnerability-related.DiscoverVulnerability ; Intel recommends Vulnerability-related.PatchVulnerability users update Vulnerability-related.PatchVulnerability to versions 2.5.0.15 or later . Independent security researcher Alec Blance was credited with discovering Vulnerability-related.DiscoverVulnerability the flaw . The chip-maker also patched Vulnerability-related.PatchVulnerability a high-severity and medium-severity flaw in its Software Guard Extensions ( SGX ) platform and software , which help application developers to protect select code and data from disclosure or modification . “ Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure , ” said Vulnerability-related.DiscoverVulnerability Intel . The high-severity flaw in SGX ( CVE-2018-18098 ) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges . The vulnerability is rooted in Vulnerability-related.DiscoverVulnerability improper file verification in the install routine for Intel ’ s SGX SDK and Platform Software for Windows before 2.2.100 . It was discovered Vulnerability-related.DiscoverVulnerability by researcher Saif Allah ben Massaoud . Another vulnerability in the platform ( CVE-2018-12155 ) is only medium in severity , but could allow an unprivileged user to cause information disclosure via local access . That ’ s due to data leakage Attack.Databreach in the cryptographic libraries of the SGX platform ’ s Integrated Performance Primitives , a function that provides developers with building blocks for image and data processing . And finally , a medium escalation of privilege vulnerability in Intel ’ s SSD data-center tool for Windows has been patched Vulnerability-related.PatchVulnerability . “ Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access , ” said Vulnerability-related.DiscoverVulnerability Intel ’ s update . The company recommends users update to v3.0.17 or later . Intel ’ s patch comes Vulnerability-related.PatchVulnerability during a busy patch Tuesday week , which includes fixes from Adobe and Microsoft .

Microsoft rolled out Vulnerability-related.PatchVulnerability 60 patches for its Patch Tuesday release , impacting 19 critical flaws and 39 important flaws . Microsoft has rolled out Vulnerability-related.PatchVulnerability its August Patch Tuesday fixes , addressing Vulnerability-related.PatchVulnerability 19 critical vulnerabilities , including fixes for two zero-day vulnerabilities that are under active attack . Overall , the company patched Vulnerability-related.PatchVulnerability a total of 60 flaws , spanning Microsoft Windows , Edge , Internet Explorer ( IE ) , Office , .NET Framework , ChakraCore , Exchange Server , Microsoft SQL Server and Visual Studio . Of those , 19 were critical , 39 were rated important , one was moderate and one was rated low in severity . The patch release includes two exploited flaws , CVE-2018-8373 and CVE-2018-8414 , which were previously disclosed Vulnerability-related.DiscoverVulnerability by researchers . The first zero-day , CVE-2018-8373 , could result in remote code-execution ( RCE ) and grants the same privileges as a logged-in user , including administrative rights . The vulnerability exists in Vulnerability-related.DiscoverVulnerability IE 9 , 10 and 11 , impacting Vulnerability-related.DiscoverVulnerability all Windows operating systems from Server 2008 to Windows 10 . Meanwhile , CVE-2018-8414 also enables RCE with the privileges of the logged-in user , and exists on Vulnerability-related.DiscoverVulnerability Windows 10 versions 1703 and newer , as well as Server 1709 and Server 1803 . “ The two zero-day vulnerabilities are … publicly disclosed Vulnerability-related.DiscoverVulnerability and exploited Vulnerability-related.DiscoverVulnerability , ” said Chris Goettl , director of product management , security , for Ivanti , in an email . “ CVE-2018-8373 is a vulnerability that exists in Vulnerability-related.DiscoverVulnerability the way that the scripting engine handles objects in memory in Internet Explorer . CVE-2018-8414 code-execution vulnerability exists Vulnerability-related.DiscoverVulnerability when the Windows Shell does not properly validate file paths. ” Microsoft also issued Vulnerability-related.PatchVulnerability fixes for security issues that don ’ t impact Windows , but the company thought they were important enough to package into its OS updates , dubbed advisories . Microsoft ’ s Patch Tuesday comes after the company found itself in hot water last month after its new update model caused stability issues for Windows operating systems and applications , particularly in July . The model irked customers so much that enterprise patching veteran Susan Bradley wrote an open letter to Microsoft executives expressing the “ dissatisfaction your customers have with the updates released Vulnerability-related.PatchVulnerability for Windows desktops and servers in recent months . ”

Microsoft rolled out Vulnerability-related.PatchVulnerability 60 patches for its Patch Tuesday release , impacting 19 critical flaws and 39 important flaws . Microsoft has rolled out Vulnerability-related.PatchVulnerability its August Patch Tuesday fixes , addressing Vulnerability-related.PatchVulnerability 19 critical vulnerabilities , including fixes for two zero-day vulnerabilities that are under active attack . Overall , the company patched Vulnerability-related.PatchVulnerability a total of 60 flaws , spanning Microsoft Windows , Edge , Internet Explorer ( IE ) , Office , .NET Framework , ChakraCore , Exchange Server , Microsoft SQL Server and Visual Studio . Of those , 19 were critical , 39 were rated important , one was moderate and one was rated low in severity . The patch release includes two exploited flaws , CVE-2018-8373 and CVE-2018-8414 , which were previously disclosed Vulnerability-related.DiscoverVulnerability by researchers . The first zero-day , CVE-2018-8373 , could result in remote code-execution ( RCE ) and grants the same privileges as a logged-in user , including administrative rights . The vulnerability exists in Vulnerability-related.DiscoverVulnerability IE 9 , 10 and 11 , impacting Vulnerability-related.DiscoverVulnerability all Windows operating systems from Server 2008 to Windows 10 . Meanwhile , CVE-2018-8414 also enables RCE with the privileges of the logged-in user , and exists on Vulnerability-related.DiscoverVulnerability Windows 10 versions 1703 and newer , as well as Server 1709 and Server 1803 . “ The two zero-day vulnerabilities are … publicly disclosed Vulnerability-related.DiscoverVulnerability and exploited Vulnerability-related.DiscoverVulnerability , ” said Chris Goettl , director of product management , security , for Ivanti , in an email . “ CVE-2018-8373 is a vulnerability that exists in Vulnerability-related.DiscoverVulnerability the way that the scripting engine handles objects in memory in Internet Explorer . CVE-2018-8414 code-execution vulnerability exists Vulnerability-related.DiscoverVulnerability when the Windows Shell does not properly validate file paths. ” Microsoft also issued Vulnerability-related.PatchVulnerability fixes for security issues that don ’ t impact Windows , but the company thought they were important enough to package into its OS updates , dubbed advisories . Microsoft ’ s Patch Tuesday comes after the company found itself in hot water last month after its new update model caused stability issues for Windows operating systems and applications , particularly in July . The model irked customers so much that enterprise patching veteran Susan Bradley wrote an open letter to Microsoft executives expressing the “ dissatisfaction your customers have with the updates released Vulnerability-related.PatchVulnerability for Windows desktops and servers in recent months . ”

Independent security researcher Dawid Golunski has released Vulnerability-related.DiscoverVulnerability a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 ( CVE-2016-10033 ) , and information about an unauthorized password reset zero-day vulnerability ( CVE-2017-8295 ) in the latest version of the popular CMS . The vulnerability exists in Vulnerability-related.DiscoverVulnerability the PHPMailer library , and can be exploited Vulnerability-related.DiscoverVulnerability by unauthenticated remote attackers to gain access to and compromise an target application server on which a vulnerable WordPress Core version is installed ( in its default configuration ) . “ No plugins or non-standard settings are required to exploit the vulnerability , ” Golunski noted . The hole has been responsibly disclosed Vulnerability-related.DiscoverVulnerability to the WordPress Foundation , and has been plugged Vulnerability-related.PatchVulnerability in January , with the release of WordPress 4.7.1 . Still , according to the Foundation ’ s own numbers , nearly 11 percent of all WordPress installation out there are still stuck on the vulnerable version 4.6 . And , as Golunski noted Vulnerability-related.DiscoverVulnerability , it ’ s possible that older WordPress versions are also affected Vulnerability-related.DiscoverVulnerability by the same flaw , so the percentage of vulnerable installations could be considerably higher : Admins who still run these older versions of the popular CMS should upgrade Vulnerability-related.PatchVulnerability to newer versions , ideally to the latest one ( v4.7.4 ) . Still , even that might not be a guarantee against compromise , as Golunski has also publicly released Vulnerability-related.DiscoverVulnerability information and POC code for an unauthorized password reset vulnerability ( CVE-2017-8295 ) that the WordPress Foundation is yet to patch Vulnerability-related.PatchVulnerability . According to him and BeyondSecurity , whose SecuriTeam coordinated the disclosure Vulnerability-related.DiscoverVulnerability of the flaw to the WordPress developers , the discovery Vulnerability-related.DiscoverVulnerability of the vulnerability dates back to mid-2016 . Golunski found Vulnerability-related.DiscoverVulnerability it in version 4.3.1 of the CMS . “ WordPress has a password reset feature that contains Vulnerability-related.DiscoverVulnerability a vulnerability which might in some cases allow attackers to get hold of the password reset link without previous authentication . Such attack could lead to an attacker gaining unauthorized access to a victim ’ s WordPress account , ” BeyondSecurity explained . “ The vulnerability stems from WordPress using untrusted data by default when creating a password reset e-mail that is supposed to be delivered only to the e-mail associated with the owner ’ s account. ” Golunski says Vulnerability-related.DiscoverVulnerability that the issue was reported Vulnerability-related.DiscoverVulnerability to the WordPress security team multiple times , but they did not confirm whether it has been patched Vulnerability-related.PatchVulnerability . He ultimately decided to publish Vulnerability-related.DiscoverVulnerability his findings , and offer Vulnerability-related.PatchVulnerability a temporary solution ( “ users can enable UseCanonicalName to enforce static SERVER_NAME value ” ) .

A zero-day vulnerability exists in Vulnerability-related.DiscoverVulnerability WordPress Core that in some instances could allow an attacker to reset a user ’ s password and gain access to their account . Researcher Dawid Golunski of Legal Hackers disclosed Vulnerability-related.DiscoverVulnerability the vulnerability on Wednesday via his new ExploitBox service . All versions of WordPress , including the latest , 4.7.4 , are vulnerable Vulnerability-related.DiscoverVulnerability , the researcher said . The vulnerability ( CVE-2017-8295 ) happens because WordPress uses what Golunski calls untrusted data by default when it creates a password reset email . In a proof-of-concept writeup , Golunski points out that WordPress uses a variable , SERVER_NAME , to get the hostname to create a From/Return-Path header for the password reset email . Since that variable , by its nature , can be customized , an attacker could insert a domain of his choosing and make it so an outgoing email could be sent to a malicious address , the researcher says . The attacker would then receive the reset email and be able to change the account password and take over . “ Depending on the configuration of the mail server , it may result in an email that gets sent to the victim WordPress user with such malicious From/Return-Path address set in the email headers , ” Golunski wrote . “ This could possibly allow the attacker to intercept the email containing the password reset link in some cases requiring user interaction as well as without user interaction. ” Golunski writes that there are three scenarios in which a user could be tricked Attack.Phishing , and only one of them relies on user interaction . In one , an attacker could perform a denial of service attack on the victim ’ s email account in order to prevent the password reset email from reaching the victim ’ s account . Instead , it could bounce back to the malicious sender address , pointed at the attacker . Second , Golunski says some auto-responders may attach a copy of the email sent in the body of the auto-replied message . Third , by sending multiple password reset emails , he says the attacker could trigger the victim to ask for an explanation , below , which could contain the malicious password link . Golunski said Vulnerability-related.DiscoverVulnerability he reported Vulnerability-related.DiscoverVulnerability the issue to WordPress ’ s security team multiple times , initially more than 10 months ago in July 2016 . The researcher told Threatpost that WordPress never outright rejected his claim – he says WordPress told him it was working on the issue – but acknowledged that too much time has passed without a clear resolution , something which prompted him to release details Vulnerability-related.DiscoverVulnerability on the bug on Wednesday . Campbell said that it ’ s possible WordPress will patch Vulnerability-related.PatchVulnerability the issue , even if just for poorly configured servers , but acknowledged he didn ’ t have a timetable for the fix . Concerned WordPress users should follow a public ticket that was started for the issue last July , Campbell added . While there ’ s no official fix available Vulnerability-related.PatchVulnerability yet , Golunski says users can enable the UseCanonicalName setting on Apache to enforce a static SERVER_NAME value to ensure it doesn ’ t get modified . Golunski has had his hands full finding Vulnerability-related.DiscoverVulnerability vulnerabilities related to PHP-based email platforms . He discovered Vulnerability-related.DiscoverVulnerability a remote code execution bug in SquirrelMail in January that disclosed Vulnerability-related.DiscoverVulnerability and quickly patched Vulnerability-related.PatchVulnerability last month and similar RCE bugs in PHPMailer and SwiftMailer , libraries used to send emails via PHP , at the end of 2016 .

The industrial company on Tuesday released Vulnerability-related.PatchVulnerability mitigations for eight vulnerabilities overall . Siemens AG on Tuesday issued Vulnerability-related.PatchVulnerability a slew of fixes addressing Vulnerability-related.PatchVulnerability eight vulnerabilities spanning its industrial product lines . The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens ’ SCALANCE firewall product . The flaw could allow an attacker to gain unauthorized access Attack.Databreach to industrial networks and ultimately put operations and production at risk . The SCALANCE S firewall is used to protect secure industrial networks from untrusted network traffic , and allows filtering incoming and outgoing network connections in different ways . Siemens S602 , S612 , S623 , S627-2M SCALANCE devices with software versions prior to V4.0.1.1 are impacted Vulnerability-related.DiscoverVulnerability . Researchers with Applied Risk , who discovered Vulnerability-related.DiscoverVulnerability the flaw , said Vulnerability-related.DiscoverVulnerability that vulnerability exists in Vulnerability-related.DiscoverVulnerability the web server of the firewall software . An attacker can carry out the attack by crafting Attack.Phishing a malicious link and tricking Attack.Phishing an administrator – who is logged into the web server – to click that link . Once an admin does so , the attacker can execute commands on the web server , on the administrator ’ s behalf . “ The integrated web server allows a cross-site scripting attack if an administrator is misled Attack.Phishing into accessing a malicious link , ” Applied Risk researcher Nelson Berg said in Vulnerability-related.DiscoverVulnerability an analysis Vulnerability-related.DiscoverVulnerability of the flaw . “ Successful exploitation may lead to the ability to bypass critical security measures provided by the firewall. ” Exploitation of this vulnerability could ultimately enable threat actors to bypass critical security functions provided by the firewall , potentially providing access to industrial networks and putting operations and production at risk . The vulnerability , CVE-2018-16555 , has a CVSS score which Applied Risk researcher calculates Vulnerability-related.DiscoverVulnerability to be 8.2 ( or high severity ) . That said , researchers said Vulnerability-related.DiscoverVulnerability a successful exploit is not completely seamless and takes some time and effort to carry out – for an attacker to exploit the flaw , user interaction is required and the administrator must be logged into the web interface . Researchers said Vulnerability-related.DiscoverVulnerability that no exploit of the vulnerability has been discovered Vulnerability-related.DiscoverVulnerability thus far . Siemens addressed Vulnerability-related.PatchVulnerability the reported vulnerability by releasing Vulnerability-related.PatchVulnerability a software update ( V4.0.1.1 ) and also advised customers to “ only access links from trusted sources in the browser you use to access the SCALANCE S administration website. ” The industrial company also released Vulnerability-related.PatchVulnerability an array of fixes for other vulnerabilities on Tuesday . Overall , eight advisories were released by the US CERT . Another serious vulnerability ( CVE-2018-16556 ) addressed Vulnerability-related.PatchVulnerability was an improper input validation flaw in certain Siemens S7-400 CPUs . Successful exploitation of these vulnerabilities could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation , according to the advisory . “ Specially crafted packets sent to Port 102/TCP via Ethernet interface , via PROFIBUS , or via multi-point interfaces ( MPI ) could cause the affected devices to go into defect mode . Manual reboot is required to resume normal operation , ” according to US Cert . An improper access control vulnerability that is exploitable Vulnerability-related.DiscoverVulnerability remotely in Siemens IEC 61850 system configurator , DIGSI 5 , DIGSI 4 , SICAM PAS/PQS , SICAM PQ Analyzer , and SICAM SCC , was also mitigated Vulnerability-related.PatchVulnerability . The vulnerability , CVE-2018-4858 , has a CVSS of 4.2 and exists in Vulnerability-related.DiscoverVulnerability a service of the affected products listening on all of the host ’ s network interfaces on either Port 4884/TCP , Port 5885/TCP , or Port 5886/TCP . The service could allow an attacker to either exfiltrate Attack.Databreach limited data from the system or execute code with Microsoft Windows user permissions . Also mitigated Vulnerability-related.PatchVulnerability were an improper authentication vulnerability ( CVE-2018-13804 ) in SIMATIC IT Production Suite and a code injection vulnerability ( CVE-2018-13814 ) in SIMATIC Panels and SIMATIC WinCC that could allow an attacker with network access to the web server to perform a HTTP header injection attack .

The industrial company on Tuesday released Vulnerability-related.PatchVulnerability mitigations for eight vulnerabilities overall . Siemens AG on Tuesday issued Vulnerability-related.PatchVulnerability a slew of fixes addressing Vulnerability-related.PatchVulnerability eight vulnerabilities spanning its industrial product lines . The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens ’ SCALANCE firewall product . The flaw could allow an attacker to gain unauthorized access Attack.Databreach to industrial networks and ultimately put operations and production at risk . The SCALANCE S firewall is used to protect secure industrial networks from untrusted network traffic , and allows filtering incoming and outgoing network connections in different ways . Siemens S602 , S612 , S623 , S627-2M SCALANCE devices with software versions prior to V4.0.1.1 are impacted Vulnerability-related.DiscoverVulnerability . Researchers with Applied Risk , who discovered Vulnerability-related.DiscoverVulnerability the flaw , said Vulnerability-related.DiscoverVulnerability that vulnerability exists in Vulnerability-related.DiscoverVulnerability the web server of the firewall software . An attacker can carry out the attack by crafting Attack.Phishing a malicious link and tricking Attack.Phishing an administrator – who is logged into the web server – to click that link . Once an admin does so , the attacker can execute commands on the web server , on the administrator ’ s behalf . “ The integrated web server allows a cross-site scripting attack if an administrator is misled Attack.Phishing into accessing a malicious link , ” Applied Risk researcher Nelson Berg said in Vulnerability-related.DiscoverVulnerability an analysis Vulnerability-related.DiscoverVulnerability of the flaw . “ Successful exploitation may lead to the ability to bypass critical security measures provided by the firewall. ” Exploitation of this vulnerability could ultimately enable threat actors to bypass critical security functions provided by the firewall , potentially providing access to industrial networks and putting operations and production at risk . The vulnerability , CVE-2018-16555 , has a CVSS score which Applied Risk researcher calculates Vulnerability-related.DiscoverVulnerability to be 8.2 ( or high severity ) . That said , researchers said Vulnerability-related.DiscoverVulnerability a successful exploit is not completely seamless and takes some time and effort to carry out – for an attacker to exploit the flaw , user interaction is required and the administrator must be logged into the web interface . Researchers said Vulnerability-related.DiscoverVulnerability that no exploit of the vulnerability has been discovered Vulnerability-related.DiscoverVulnerability thus far . Siemens addressed Vulnerability-related.PatchVulnerability the reported vulnerability by releasing Vulnerability-related.PatchVulnerability a software update ( V4.0.1.1 ) and also advised customers to “ only access links from trusted sources in the browser you use to access the SCALANCE S administration website. ” The industrial company also released Vulnerability-related.PatchVulnerability an array of fixes for other vulnerabilities on Tuesday . Overall , eight advisories were released by the US CERT . Another serious vulnerability ( CVE-2018-16556 ) addressed Vulnerability-related.PatchVulnerability was an improper input validation flaw in certain Siemens S7-400 CPUs . Successful exploitation of these vulnerabilities could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation , according to the advisory . “ Specially crafted packets sent to Port 102/TCP via Ethernet interface , via PROFIBUS , or via multi-point interfaces ( MPI ) could cause the affected devices to go into defect mode . Manual reboot is required to resume normal operation , ” according to US Cert . An improper access control vulnerability that is exploitable Vulnerability-related.DiscoverVulnerability remotely in Siemens IEC 61850 system configurator , DIGSI 5 , DIGSI 4 , SICAM PAS/PQS , SICAM PQ Analyzer , and SICAM SCC , was also mitigated Vulnerability-related.PatchVulnerability . The vulnerability , CVE-2018-4858 , has a CVSS of 4.2 and exists in Vulnerability-related.DiscoverVulnerability a service of the affected products listening on all of the host ’ s network interfaces on either Port 4884/TCP , Port 5885/TCP , or Port 5886/TCP . The service could allow an attacker to either exfiltrate Attack.Databreach limited data from the system or execute code with Microsoft Windows user permissions . Also mitigated Vulnerability-related.PatchVulnerability were an improper authentication vulnerability ( CVE-2018-13804 ) in SIMATIC IT Production Suite and a code injection vulnerability ( CVE-2018-13814 ) in SIMATIC Panels and SIMATIC WinCC that could allow an attacker with network access to the web server to perform a HTTP header injection attack .