After observing attacks on customers , Cisco is telling users to i nstall Vulnerability-related.PatchVulnerability the fix for a recently disclosed denial-of-service flaw a ffecting Vulnerability-related.DiscoverVulnerability a number of its security appliances . The flaw , t racked as Vulnerability-related.DiscoverVulnerability CVE-2018-0296 , was detailed in an advisory on June 6 and a ffects Vulnerability-related.DiscoverVulnerability Cisco ASA Software and Cisco Firepower Threat Defense ( FTD ) Software . `` Cisco strongly recommends that customers u pgrade Vulnerability-related.PatchVulnerability to a fixed software release to r emediate Vulnerability-related.PatchVulnerability this issue , '' Omar Santos of Cisco 's Product Security Incident Response Team w arned Vulnerability-related.DiscoverVulnerability on June 22 . The attacks follow the publication of proof-of-concept exploits for the flaw . Santos n otes Vulnerability-related.DiscoverVulnerability that a unauthenticated , remote attacker could cause a device to reload unexpectedly and cause a denial-of-service ( DoS ) condition . Additionally , an exploit could cause a DoS or unauthenticated disclosure of information . However , Santos said : `` Only a denial-of-service condition ( device reload ) has been observed by Cisco . '' Cisco h as also updated Vulnerability-related.PatchVulnerability the advisory for CVE-2018-0296 with details about the attacks . The researcher who f ound Vulnerability-related.DiscoverVulnerability the flaw , Michał Bentkowski from Polish security firm Securitum , gave a brief description of the root cause in a tweet shortly after Cisco d isclosed Vulnerability-related.DiscoverVulnerability the bug . Bentkowsky r eported Vulnerability-related.DiscoverVulnerability the issue to Cisco as a way to use directory-traversal techniques to disclose information to an unauthenticated attacker . Cisco labeled its primary impact as a DoS condition , but said it is possible that on certain releases of ASA a device reload would not occur , yet still allow an attacker to use directory-traversal techniques to view sensitive system information . Bleeping Computer i dentified Vulnerability-related.DiscoverVulnerability two proof-of-concept exploits for CVE-2018-0296 on GitHub . One attempts to e xtract Attack.Databreach user names from Cisco ASA . The other states : `` If the web server is vulnerable , the script will dump in a text file both the content of the current directory , files in +CSCOE+ and active sessions . ''

Microsoft h as released Vulnerability-related.PatchVulnerability a patch for a critical remote code execution flaw a ffecting Vulnerability-related.DiscoverVulnerability a Windows service used for importing Docker container images . The vulnerability , t racked as Vulnerability-related.DiscoverVulnerability CVE-201808115 , is due to the Windows Host Compute Service Shim ( hcsshim ) library not properly validating input from container images while importing them . A remote attacker could execute malware on a Windows host using a malicious Docker container image if they managed to trick an authenticated administrator to import it in Docker for Windows , which uses the hcsshim library . `` An attacker who successfully e xploited Vulnerability-related.DiscoverVulnerability the vulnerability could execute arbitrary code on the host operating system , '' Microsoft notes in its advisory . The vulnerability h asn't been publicly disclosed. Vulnerability-related.DiscoverVulnerability Anyone using Docker for Windows c an resolve Vulnerability-related.PatchVulnerability the issue today by i nstalling Vulnerability-related.PatchVulnerability version 0.6.10 of hcsshim . The patch i s available Vulnerability-related.PatchVulnerability from Microsoft 's security advisory or from Microsoft 's GitHub page . Hcsshim , which is written in Go , is an open-source wrapper that Microsoft developed for use with its Host Compute Service , a container management API in Windows Hyper-V virtualization for Docker . The HCS abstraction layer is Microsoft 's way of allowing Docker containers to use Linux kernel features on Windows , such as Linux Namespaces and Control Groups . Hanselmann explains that the flaw stems from hccshim 's use of a function from Go and the failure to sanitize input from an imported container image . `` Its use of Go 's filepath.Join function with unsanitized input [ made it possible ] to create , remove and replace files in the host file system , leading to remote code execution , '' he noted . `` Importing a Docker container image or pulling one from a remote registry is n't commonly expected to make modifications to the host file system outside the Docker-internal data structures . '' Separately , Microsoft i s reportedly working Vulnerability-related.PatchVulnerability on a fix for a `` fatal flaw '' in its initial Windows 10 fix for the Meltdown CPU vulnerability . It 's b een patched Vulnerability-related.PatchVulnerability in the new Windows 10 April 2018 Update , according to Alex Ionescu , chief architect at Crowdstrike , but has n't been backported to previous versions of Windows 10 .

Thousands of industrial control systems ( ICS ) could be at risk of hacking due to critical vulnerabilities a ffecting Vulnerability-related.DiscoverVulnerability a popular piece of software . SecurityWeek d etailed Vulnerability-related.DiscoverVulnerability how the flaws a ffect Vulnerability-related.DiscoverVulnerability an application from 3S-Smart Software Solutions . The potential problem for ICS security stems from CODESYS , a hardware-independent middleware layer for programming Industrial Internet of Things ( IIoT ) and ICS . SecurityWeek r eported Vulnerability-related.DiscoverVulnerability the issue h as now been resolved Vulnerability-related.PatchVulnerability by 3S-Smart Software Solutions . However , the need for a patch , which could take some time to r oll out Vulnerability-related.PatchVulnerability to all affected organizations , highlighted the need for IT managers to be aware of the risk to connected technologies , particularly when it comes to ICS security . The flaws w ere discovered Vulnerability-related.DiscoverVulnerability by security firm CyberX . Phil Neray , vice president of industrial cybersecurity and marketing at CyberX , d escribed Vulnerability-related.DiscoverVulnerability how the vulnerabilities a ffect Vulnerability-related.DiscoverVulnerability all devices incorporating CODESYS Web Server v2.3 and earlier versions of the software . CODESYS is used to program a range of devices , such as programmable logic controllers and human machine interfaces . CyberX detailed how these devices are used in almost all elements of critical industrial infrastructure , including power plants , oil and gas installations , and chemical and pharmaceutical factories . The first vulnerability , CVE-2017-6027 , allows an attacker to upload arbitrary files to the CODESYS Web Server and potentially create remote code execution . The second flaw , CVE-2017-6025 , is a stack-based buffer overflow that attackers could use to crash the application or execute arbitrary code . The fear is that attackers could use the flaws to create safety failure and environmental damage at critical industrial infrastructure . ICS-CERT p ublished Vulnerability-related.DiscoverVulnerability an advisory note and rated the potential risk score of the vulnerabilities as critical because attackers can potentially gain remote code execution capabilities . 3S-Smart Software h as released Vulnerability-related.PatchVulnerability a patch , but CyberX suggested that the rollout process could be complicated by a range of factors .