Cisco has released Vulnerability-related.PatchVulnerability a new patch designed to fix Vulnerability-related.PatchVulnerability a failed update which has not prevented the exploit of a severe Webex vulnerability . The original security flaw , CVE-2018-15442 , is present in Vulnerability-related.DiscoverVulnerability the Cisco Webex Meetings Desktop App for Windows and is described Vulnerability-related.DiscoverVulnerability as a bug which `` could allow an authenticated , local attacker to execute arbitrary commands as a privileged user . '' Cisco 's original security update was published Vulnerability-related.PatchVulnerability in October in order to remedy Vulnerability-related.PatchVulnerability the flaw , in which a lack of validation for user-supplied parameters in the app could be harnessed to exploit the bug . If an attacker is successful in utilizing the vulnerability , they can force the app to run arbitrary commands with user privileges . `` While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access , administrators should be aware that in Active Directory deployments , the vulnerability could be exploited Vulnerability-related.DiscoverVulnerability remotely by leveraging the operating system remote management tools , '' the company added . Software releases prior to 33.6.4 -- alongside Cisco Webex Productivity Tools Releases 32.6.0 and later prior to 33.0.6 -- are impacted on Windows systems . It was not long after the release Vulnerability-related.PatchVulnerability of the first patch that researchers from SecureAuth deemed the original fix incomplete . The original patch only forced the service to run files signed by Webex , but failed to account for DLL-based attacks , according to the team . `` The vulnerability can be exploited Vulnerability-related.DiscoverVulnerability by copying to a local attacker controller folder , the ptUpdate.exe binary , '' the researchers said Vulnerability-related.DiscoverVulnerability in an advisory . `` Also , a malicious dll must be placed in the same folder , named wbxtrace.dll . To gain privileges , the attacker must start the service with the command line : sc start webexservice install software-update 1 `` attacker-controlled-path '' ( if the parameter 1 does n't work , then 2 should be used ) . '' These findings were sent to Cisco , which acknowledged the DLL attack method . A new patch was then issued Vulnerability-related.PatchVulnerability roughly a week after being informed Vulnerability-related.DiscoverVulnerability of the issue . `` After an additional attack method was reported to Cisco , the previous fix for this vulnerability was determined to be insufficient , '' Cisco says . `` A new fix was developed Vulnerability-related.PatchVulnerability , and the advisory was updated Vulnerability-related.PatchVulnerability on November 27 , 2018 , to reflect which software releases Vulnerability-related.PatchVulnerability include the complete fix . ''

The bug was found Vulnerability-related.DiscoverVulnerability in the core infrastructure of Apache Struts 2 . The Apache Software Foundation has patched Vulnerability-related.PatchVulnerability a critical security vulnerability which affects Vulnerability-related.DiscoverVulnerability all versions of Apache Struts 2 . Uncovered Vulnerability-related.DiscoverVulnerability by researchers from cybersecurity firm Semmle , the security flaw is caused by the insufficient validation of untrusted user data in the core Struts framework . When Apache Struts uses results with no namespace and in the same time , upper actions have no wild namespace . The same opportunity for exploit exists when the URL tag is in use and there is no value or action set . As the bug , CVE-2018-11776 , has been discovered Vulnerability-related.DiscoverVulnerability in the Struts core , the team says there are multiple attack vectors threat actors could use to exploit the vulnerability . If the alwaysSelectFullNamespace flag is set to true in the Struts configuration , which is automatically the case when the Struts Convention plugin is in use , or if a user 's Struts configuration file contains a tag that does not specify the optional namespace attribute or specifies a wildcard namespace . Man Yue Mo from the Semmle Security Research Team first reported Vulnerability-related.DiscoverVulnerability the flaw . `` This vulnerability affects Vulnerability-related.DiscoverVulnerability commonly-used endpoints of Struts , which are likely to be exposed , opening up an attack vector to malicious hackers , '' Mo says Vulnerability-related.DiscoverVulnerability . `` On top of that , the weakness is related to the Struts OGNL language , which hackers are very familiar with , and are known to have been exploited Vulnerability-related.DiscoverVulnerability in the past . '' The vulnerability affects Vulnerability-related.DiscoverVulnerability all versions of Apache Struts 2 . Companies which use the popular open-source framework are urged to update their builds immediately . Users of Struts 2.3 are advised to upgrade Vulnerability-related.PatchVulnerability to 2.3.35 ; users of Struts 2.5 need to upgrade Vulnerability-related.PatchVulnerability to 2.5.17 . As the latest releases only contain Vulnerability-related.PatchVulnerability fixes for the vulnerability , Apache does not expect users to experience any backward compatibility issues . `` Previous disclosures Vulnerability-related.DiscoverVulnerability of similarly critical vulnerabilities have resulted in exploits being published Vulnerability-related.DiscoverVulnerability within a day , putting critical infrastructure and customer data at risk , '' Semmle says . `` All applications that use Struts are potentially vulnerable Vulnerability-related.DiscoverVulnerability , even when no additional plugins have been enabled . '' Mo first reported Vulnerability-related.DiscoverVulnerability the findings in April . By June , the Apache Struts team published the code which resolved Vulnerability-related.PatchVulnerability the problem , leading to the release Vulnerability-related.PatchVulnerability of official patches on August 22 .

Ransomware scammers have been exploiting a flaw in Apple 's Mobile Safari browser in a campaign to extort fees Attack.Ransom from uninformed users . The scammers particularly target those who viewed porn or other controversial content . Apple patched Vulnerability-related.PatchVulnerability the vulnerability on Monday with the release Vulnerability-related.PatchVulnerability of iOS version 10.3 . The flaw involved the way that Safari displayed JavaScript pop-up windows . In fact , recovering from the pop-up loop was as easy as going into the device settings and clearing the browser cache . This simple fix was possibly lost on some uninformed targets who were too uncomfortable to ask for outside help . `` The attackers effectively used fear as a factor to get what they wanted before the victim realized that there was little actual risk , '' Lookout researchers Andrew Blaich and Jeremy Richards wrote in Monday 's post . The user provided the screenshot shown above , which attempts to instill fear with the claim the device was being locked `` for illegal pornography . '' Below those words was a pop-up Window that said `` Can not Open Page . '' Each time the person clicked on the accompanying OK button , a new window would open again . The JavaScript used in the attack shows signs of being used to exploit the same Safari flaw present in Vulnerability-related.DiscoverVulnerability iOS version 8 , which was released in 2014 . The attackers , the Lookout researchers said , purchased a large number of domains in an attempt to `` catch users that are seeking controversial content on the internet and coerce them into paying a ransom Attack.Ransom to them . '' Sites tailored the messages they delivered based on country identifiers . The campaign in many respects resembles one that hit Attack.Ransom Android users in 2014 . That one demanded Attack.Ransom a $ 300 ransom paid Attack.Ransom in the form of mechanisms such as Paysafecard or uKash

A broad array of Android phones are vulnerable Vulnerability-related.DiscoverVulnerability to attacks that use booby-trapped Wi-Fi signals to achieve full device takeover , a researcher has demonstrated Vulnerability-related.DiscoverVulnerability . The vulnerability resides in Vulnerability-related.DiscoverVulnerability a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices . Apple patched Vulnerability-related.PatchVulnerability the vulnerability with Monday 's release Vulnerability-related.PatchVulnerability of iOS 10.3.1 . `` An attacker within range may be able to execute arbitrary code on the Wi-Fi chip , '' Apple 's accompanying advisory warned Vulnerability-related.DiscoverVulnerability . In a highly detailed blog post published Vulnerability-related.DiscoverVulnerability Tuesday , the Google Project Zero researcher who discovered Vulnerability-related.DiscoverVulnerability the flaw said Vulnerability-related.DiscoverVulnerability it allowed the execution of malicious code on a fully updated 6P `` by Wi-Fi proximity alone , requiring no user interaction . '' Google is in the process of releasing Vulnerability-related.PatchVulnerability an update in its April security bulletin . The fix is available Vulnerability-related.PatchVulnerability only to a select number of device models , and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible . Company representatives did n't respond to an e-mail seeking comment for this post . The proof-of-concept exploit developed by Project Zero researcher Gal Beniamini uses Wi-Fi frames that contain irregular values . The values , in turn , cause the firmware running on Broadcom 's wireless system-on-chip to overflow its stack . By using the frames to target timers responsible for carrying out regularly occurring events such as performing scans for adjacent networks , Beniamini managed to overwrite specific regions of device memory with arbitrary shellcode . Beniamini 's code does nothing more than write a benign value to a specific memory address . Attackers could obviously exploit the same series of flaws to surreptitiously execute malicious code on vulnerable devices within range of a rogue access point . Besides the specific stack overflow bugs exploited Vulnerability-related.DiscoverVulnerability by the proof-of-concept attack , Beniamini said Vulnerability-related.DiscoverVulnerability a lack of security protections built into many software and hardware platforms made the Broadcom chipset a prime target . `` We ’ ve seen that while the firmware implementation on the Wi-Fi SoC is incredibly complex , it still lags behind in terms of security , '' he wrote . `` Specifically , it lacks all basic exploit mitigations—including stack cookies , safe unlinking and access permission protection ( by means of [ a memory protection unit . ] ) '' The Broadcom chipset contains an MPU , but the researcher found that it 's implemented in a way that effectively makes all memory readable , writeable , and executable . `` We can conveniently execute our code directly from the heap . '' He said that Broadcom has informed him that newer versions of the chipset implement the MPU more effectively and also add unspecified additional security mechanisms . Given the severity of the vulnerability , people with affected Vulnerability-related.DiscoverVulnerability devices should install Vulnerability-related.PatchVulnerability a patch as soon as it 's available . For those with vulnerable iPhones , that 's easy enough . As is all too often the case for Android users , there 's no easy way to get Vulnerability-related.PatchVulnerability a fix immediately , if at all . That 's because Google continues to stagger the release Vulnerability-related.PatchVulnerability of its monthly patch bundle for the minority of devices that are eligible to receive it . At the moment , it 's not clear if there are effective workarounds available for vulnerable devices . Turning off Wi-Fi is one possibility , but as revealed in recent research into an unrelated Wi-Fi-related weakness involving Android phones , devices often relay Wi-Fi frames even when Wi-Fi is turned off