the coding flaw and shared a fix for it, raising questions about why Equifax didn't update its software successfully when the danger became known. A week after Equifax revealed one of the largest breaches of consumers' private financial data in history — 143 million consumers and access to the credit-card data of 209,000 — the industry group that manages the open source software in which the hack occurred blamed Equifax. "The Equifax data compromise was due to (Equifax's) failure to install the security updates provided in a timely manner," The Apache Foundation, which oversees the widely-used open source software, said in a statement Thursday. Equifax told USA TODAY late Wednesday the criminals who gained access to its customer data exploited a website application vulnerability known as Apache Struts CVE-2017-5638. The vulnerability was patched on March 7, the same day it was announced, The Apache Foundation said. Cybersecurity professionals who lend their free services to the project of open-source software — code that's shared by major corporations and that's tested and modified by developers working at hundreds of firms — had shared their discovery with the industry group, making the risk and fix known to any company using the software. Modifications were made on March 10, according to the National Vulnerability Database. But two months later, hackers took advantage of the vulnerability to enter the credit reporting agency's systems: Equifax said the unauthorized access began in mid-May.
Equifax did not respond to a question Wednesday about whether the patches were applied, and if not, why not. "We continue to work with law enforcement as part of our criminal investigation and have shared indicators of compromise with law enforcement," it said. It should have acted faster to successfully deal with the problem, other cybersecurity professionals said. “They should have patched it as soon as possible, not to exceed a week. A typical bank would have patched this critical vulnerability within a few days,” said Pravin Kothari, CEO of CipherCloud, a cloud security company. Federal regulators are now investigating whether Equifax is at fault. The Federal Trade Commission and the Consumer Financial Protection Bureau have said they've opened probes into the hack. So far dozens of state attorneys general are investigating the breach, and on Tuesday Massachusetts Attorney General Maura Healey said she plans to sue the company for violating state consumer protection laws. More than 23 class-action lawsuits against the company have also been proposed. Proof that Equifax failed to protect customers, particularly when it had the tools and information to do so, is likely to further damage Equifax's financial outlook. Shares fell 2.5% Thursday after news of the FTC probe and are down 33% since it revealed the link.
Intel revealed that it will not be issuing Spectre patches to a number of older Intel processor families, potentially leaving many customers vulnerable to the security exploit. Intel claims the processors affected are mostly implemented as closed systems, so they aren’t at risk from the Spectre exploit, and that the age of these processors means they have limited commercial availability. The processors which Intel won’t be patching include four lines from 2007, Penryn, Yorkfield, and Wolfdale, along with Bloomfield (2009), Clarksfield (2009), Jasper Forest (2010) and the Intel Atom SoFIA processors from 2015. According to Tom’s Hardware, Intel’s decision not to patch these products could stem from the relative difficulty of patching the Spectre exploit on older systems. “After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release microcode updates for these products,” Intel said. Because of the nature of the Spectre exploit, patches for it need to be delivered as an operating system or BIOS update, and if Microsoft and motherboard OEMs aren’t going to distribute the patches, developing them isn’t much of a priority. “However, the real reason Intel gave up on patching these systems seems to be that neither motherboard makers nor Microsoft may be willing to update systems sold a decade ago,” Tom’s Hardware reports.
It sounds bad, but as Intel pointed out, these are all relatively old processors — with the exception of the Intel Atom SoFIA processor, which came out in 2015 — and it’s unlikely they’re used in any high-security environments. The Spectre exploit is a serious security vulnerability to be sure, but as some commentators have pointed out in recent months, it’s not the kind of exploit the average user needs to worry about. “We’ve now completed release of microcode updates for Intel microprocessor products launched in the last 9+ years that required protection against the side-channel vulnerabilities discovered by Google Project Zero,” said an Intel spokesperson. “However, as indicated in our latest microcode revision guidance, we will not be providing updated microcode for a select number of older platforms for several reasons, including limited ecosystem support and customer feedback.” If you have an old Penryn processor toiling away in an office PC somewhere, you’re probably more at risk for a malware infection arising from a bad download than you are susceptible to something as technically sophisticated as the Spectre or Meltdown vulnerabilities.
Researchers found three vulnerabilities in Foscam connected security cameras that could enable a bad actor to gain root access knowing only the camera’s IP address. Foscam is urging customers to update their security cameras after researchers found three vulnerabilities that could enable a bad actor to gain root access knowing only the camera’s IP address. The vulnerability trifecta includes an arbitrary file-deletion bug, a shell command-injection flaw and a stack-based buffer overflow vulnerability, according to the researchers at VDOO who found the flaws. The proof-of-concept attack revolved around a process in the cameras called webService, which receives requests from servers and can be used to verify the user’s credentials, if necessary, and run the handler for the desired API command. To launch an attack, an attacker would have to obtain the camera’s IP address or DNS name. Generally, if the camera is configured so that it has a direct interface to the internet, its address might be exposed to certain internet scanners. The PoC attacker then crashed the webService process by exploiting the stack-based buffer overflow vulnerability (CVE-2018-6832). After it crashes, the webService process automatically restarts via the watchdog daemon (which restarts important processes after they’re terminated), and during the process reload, an attacker could leverage a second flaw, the arbitrary file-deletion vulnerability (CVE-2018-6830), to delete certain critical files. This will result in authentication bypass when the webService process reloads, so that the bad actor is able to gain administrative credentials. From there, an attacker could use the third vuln (CVE-2018-6831) to execute root commands.
This bug is a shell command-injection vulnerability that requires administrator credentials. “Since the adversary gained administrator credentials in the previous stage, he can now use this vulnerability to execute commands as the root user for privilege escalation,” researchers said. The Internet of Things continues to pose a significant problem as many connected devices lack proper security controls. The 2016 Mirai botnet attack, which was orchestrated as a distributed denial of service attack through 300,000 vulnerable IoT devices like webcams, routers and video recorders, showed just how big of an impact the lack of IoT security has. The patches also come after reports of a hacked baby camera emerged last week, when a woman from South Carolina said a stranger hacked into her baby monitor to spy on her and her family. These IoT security incidents show not only that connected products are highly vulnerable to security hacks, but also that such hacks could mean a complete invasion of privacy at the most personal level. Foscam, for its part, urged customers to upgrade their cameras as soon as possible, saying that “the latest firmware for Foscam cameras utilizes protection against various types of online hacking and unauthorized access.” It added, “Foscam is fully committed to maintaining the safety and integrity of our user experience and will take all action reasonably necessary to ensure the privacy and security of our cameras.”
Oracle is advising customers to update their database software following the discovery and disclosure of a critical remote code execution vulnerability. The flaw, dubbed CVE-2018-3110, was given a CVSS base score of 9.9 (out of 10) and Oracle warns that successful exploit of the bug "can result in complete compromise of the Oracle Database and shell access to the underlying server." "Due to the nature of this vulnerability, Oracle strongly recommends that customers take action without delay," Oracle says. Vulnerable versions of Database Server include 11.2.0.4, 12.1.0.2, 12.2.0.1, and 18. Admins are advised to install Oracle's update as soon as possible. No credit was given for discovery or reporting. The flaw itself is found in the JavaVM component of Oracle Database Server and is not considered a remote code exploit flaw, as it requires the attacker have a connection to the server via Oracle Net, the protocol Oracle servers use to connect with client applications. Other than that, however, there is little else required for a successful attack that gives complete control over the host server. The Oracle patch will only pile on to what is going to be a busy week for IT departments and administrators. In addition to this fix, Microsoft is releasing its monthly Patch Tuesday security update for Windows, Office, and Internet Explorer/Edge today, and Adobe has posted fixes for security holes in Flash Player, Acrobat/Reader, Creative Cloud, and Experience Manager. Our advice is to keep a pot of coffee handy and reserve a table at the pub for when this is all over with.
11th December was Microsoft’s December 2018 Patch Tuesday, which means users had to update their computers to be protected from the latest threats to Windows and Microsoft products. Microsoft has fixed 39 vulnerabilities, with 10 of them being labeled as Critical. Keeping up with its December 2018 Patch Tuesday, Microsoft announced on its blog that a vulnerability exists in Windows Domain Name System (DNS). There was not much information provided to the customers about how and when this vulnerability was discovered. The following details were released by Microsoft. The Exploit: Microsoft Windows is prone to a heap-based buffer-overflow vulnerability. A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests. An attacker who successfully exploits this issue may execute arbitrary code within the context of the affected application. Microsoft states that failed exploit attempts will result in a denial-of-service condition. Windows servers that are configured as DNS servers are at risk from this vulnerability. Affected Systems: Find a list of the affected systems on Microsoft’s Blog. The company has also provided users with security updates for the affected systems. Workarounds and Mitigations: As of today, Microsoft has not identified any workarounds or mitigations for the affected systems. Jake Williams, the founder of Rendition Security and Rally security, posted an update on Twitter about the issue, questioning why there is no sufficient discussion among the infosec community about the matter.
Yesterday, Oracle released its quarterly critical patch update (CPU) for Q3 2018, the October edition, during which the company fixed 301 vulnerabilities. Of the 301 flaws, 45 had a severity rating of 9.8 (on a scale of 10) and one even received the maximum 10 rating. Vulnerabilities that receive severity ratings this high can be exploited remotely, with no authentication, and the exploit chain is accessible even to low-skilled attackers, even to those with no in-depth technical knowledge. Oracle's security team will publish more information about each vulnerability in the coming days. This will give companies more time to update affected applications before details about each flaw are generally available to everyone, including the bad guys. For now, little information is known, but the vulnerability that received the 10.0 rating impacts Oracle GoldenGate, a data replication framework that can work with large quantities of information in real-time. This issue doesn't only impact standalone GoldenGate installations, but also the numerous other Oracle product setups where GoldenGate can be deployed as an add-in option, such as the Oracle Database Server, DB2, MySQL, Sybase, Teradata, and others. As for vulnerabilities rated 9.8 on the severity scale, these were reported affecting products such as the Oracle Database Server, Oracle Communications, the Oracle Construction and Engineering Suite, the Oracle Enterprise Manager Products Suite, Oracle Fusion Middleware, Oracle Insurance Applications, Oracle JD Edwards, MySQL, Oracle Retail, the Oracle Siebel CRM, and the Oracle Sun Systems Products Suite.
Despite the staggering number of patched flaws -- 301 --, this isn't Oracle's biggest recorded CPU. That title goes to July 2018's CPU, which addressed 334 vulnerabilities, 55 of which had a 9.8 severity rating. This was also Oracle's last CPU for 2018. According to the folks at ERPScan, in 2018, Oracle patched 1119 vulnerabilities, the same number of flaws it patched last year in 2017.
A Google Project Zero researcher has published a macOS exploit to demonstrate that Apple is exposing its users to security risks by patching serious flaws in iOS but not revealing the fact until it fixes the same bugs in macOS a week later. This happened during Apple's update for critical flaws in iOS 12, tvOS 12 and Safari 12 on September 17. A Wayback Machine snapshot of the original advisory doesn't mention any of the bugs that Project Zero researcher Ivan Fratric had reported to Apple, and which were actually fixed. Then, a week later, after Apple patched the same bugs in macOS, the company updated its original advisory with details about the nine flaws that Fratric had reported, six of which affected Safari. The update fixed a Safari bug that allowed arbitrary code execution on macOS if a vulnerable version of Safari browsed to a website hosting an exploit for the bugs. While Fratric concedes that Apple is probably concealing the fix in iOS to buy time to patch macOS, he argues the end result is that people may ignore an important security update because they weren't properly informed by Apple in the security advisory. "This practice is misleading because customers interested in the Apple security advisories would most likely read them only once, when they are first released and the impression they would get is that the product updates fix far fewer vulnerabilities and less severe vulnerabilities than is actually the case."
Even worse, a skilled attacker could use the update for iOS to reverse-engineer a patch, develop an exploit for macOS, and then deploy it against a macOS user-base that doesn't have a patch. Users also don't know that Apple has released information that could make their systems vulnerable to attack. Fratric developed an exploit for one of the Safari bugs he reported and published the attack on Thursday. The bugs were all found using a publicly available fuzzing tool he developed, called Domato, meaning anyone else, including highly advanced attackers, could use it too. "If a public tool was able to find that many bugs, it is expected that private ones might be even more successful," he noted. He wasn't aiming to write a reliable or sophisticated exploit, but the bug is useful enough for a skilled exploit writer to develop an attack to spread malware and "potentially do a lot of damage even with an unreliable exploit". Fratric said he successfully tested the exploit on Mac OS 10.13.6 High Sierra, build version 17G65. "If you are still using this version, you might want to update," noted Fratric. On the upside, it appears Apple and its Safari WebKit team have improved the security of the browser compared with the results of Fratric's Domato fuzzing efforts last year, which turned up way more bugs in Safari than in Chrome, Internet Explorer, and Edge. Last year he found 17 Safari flaws using the fuzzing tool. His final word of warning is not to discount any of the bugs he found just because no one's seen them being attacked in the wild. "While it is easy to brush away such bugs as something we haven't seen actual attackers use, that doesn't mean it's not happening or that it couldn't happen," the researcher noted.
A new iPhone and a new iOS are here, but a number of bugs, and security flaws, have frustrated early adopters. iOS 12.0.1, Apple's first update after the release of iOS 12, has patched two vulnerabilities that could have allowed a user to bypass a device's passcode. Spanish hacker Jose Rodriguez was able to use Siri to enable VoiceOver mode, which could pull up the phone's contacts. You can see the specifics of his (very complicated) procedure in the video below. Apple also says it has fixed a bug that caused the new iPhones to stop charging when their screens turned off. This wasn't an issue our review unit had, but it was noted throughout multiple forums and message boards. The company has fixed a number of smaller bugs as well. A bug that caused the phone to automatically join 2.4-GHz networks rather than 5 GHz networks, a bug that sometimes caused Bluetooth to become unavailable, and a bug that blocked subtitles from appearing in some video apps are no longer. iPad users weren't left out, either. To some users' chagrin, the original iOS 12 moved the "123" key closer to the center of the iPad keyboard. You can breathe easy again: The key has moved back to the far left. The update should be available to all users now. If you don't have automatic updates enabled, we recommend you update to the new patch ASAP if you've experienced any of these flaws, or are worried about hackers obtaining your phone.
A security bug in Systemd can be exploited over the network to, at best, potentially crash a vulnerable Linux machine, or, at worst, execute malicious code on the box. The flaw therefore puts Systemd-powered Linux computers – specifically those using systemd-networkd – at risk of remote hijacking: maliciously crafted DHCPv6 packets can try to exploit the programming cockup and arbitrarily change parts of memory in vulnerable systems, leading to potential code execution. This code could install malware, spyware, and other nasties, if successful. The vulnerability – which was made public this week – sits within the written-from-scratch DHCPv6 client of the open-source Systemd management suite, which is built into various flavors of Linux. This client is activated automatically if IPv6 support is enabled, and relevant packets arrive for processing. Thus, a rogue DHCPv6 server on a network, or in an ISP, could emit specially crafted router advertisement messages that wake up these clients, exploit the bug, and possibly hijack or crash vulnerable Systemd-powered Linux machines. Here's the Red Hat Linux summary: systemd-networkd is vulnerable to an out-of-bounds heap write in the DHCPv6 client when handling options sent by network adjacent DHCP servers. An attacker could exploit this via malicious DHCP server to corrupt heap memory on client machines, resulting in a denial of service or potential code execution. Felix Wilhelm, of the Google Security team, was credited with discovering the flaw, designated CVE-2018-15688. Wilhelm found that a specially crafted DHCPv6 network packet could trigger "a very powerful and largely controlled out-of-bounds heap write," which could be used by a remote hacker to inject and execute code.
"The overflow can be triggered relatively easy by advertising a DHCPv6 server with a server-id >= 493 characters long," Wilhelm noted. In addition to Ubuntu and Red Hat Enterprise Linux, Systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We're told RHEL 7, at least, does not use the vulnerable component by default. Systemd creator Lennart Poettering has already published a security fix for the vulnerable component – this should be weaving its way into distros as we type. If you run a Systemd-based Linux system, and rely on systemd-networkd, update your operating system as soon as you can to pick up the fix when available and as necessary. The bug will come as another argument against Systemd as the Linux management tool continues to fight for the hearts and minds of admins and developers alike. Though a number of major admins have in recent years adopted and championed it as the replacement for the old Init era, others within the Linux world seem to still be less than impressed with Systemd and Poettering's occasionally controversial management of the tool.
Overall, the chip giant patched five vulnerabilities across an array of its products. Intel on Tuesday patched three high-severity vulnerabilities that could allow the escalation of privileges across an array of products. Overall, the chip giant fixed five bugs – three rated high-severity, and two medium-severity. The most concerning of these bugs is an escalation-of-privilege glitch in Intel’s PROset/Wireless Wi-Fi software, which is its wireless connection management tool. The vulnerability, CVE-2018-12177, has a “high” CVSS score of 7.8, according to Intel’s update. “Intel is releasing software updates to mitigate this potential vulnerability,” it said, urging users to update to version 20.90.0.7 or later of the software. The vulnerability, reported by Thomas Hibbert of Insomnia Security, stems from improper directory permissions plaguing the software’s ZeroConfig service in versions before 20.90.0.7. The issue could allow an authorized user to potentially enable escalation of privilege via local access. The other high-severity bug exists in the company’s System Support Utility for Windows, which offers support for Intel-packed Windows device users. This bug (CVE-2019-0088) is due to insufficient path checking in the support utility, allowing an already-authenticated user to potentially gain escalation of privilege via local access. The vulnerability has a CVSS score of 7.5.
Versions of System Support Utility for Windows before 2.5.0.15 are impacted; Intel recommends users update to versions 2.5.0.15 or later. Independent security researcher Alec Blance was credited with discovering the flaw. The chip-maker also patched a high-severity and medium-severity flaw in its Software Guard Extensions (SGX) platform and software, which help application developers to protect select code and data from disclosure or modification. “Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure,” said Intel. The high-severity flaw in SGX (CVE-2018-18098) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges. The vulnerability is rooted in improper file verification in the install routine for Intel’s SGX SDK and Platform Software for Windows before 2.2.100. It was discovered by researcher Saif Allah ben Massaoud. Another vulnerability in the platform (CVE-2018-12155) is only medium in severity, but could allow an unprivileged user to cause information disclosure via local access. That’s due to data leakage in the cryptographic libraries of the SGX platform’s Integrated Performance Primitives, a function that provides developers with building blocks for image and data processing. And finally, a medium escalation of privilege vulnerability in Intel’s SSD data-center tool for Windows has been patched.
“Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access,” said Intel’s update. The company recommends users update to v3.0.17 or later. Intel’s patch comes during a busy patch Tuesday week, which includes fixes from Adobe and Microsoft.
Overall , the chip giant patchedVulnerability-related.PatchVulnerabilityfive vulnerabilities across an array of its products . Intel on Tuesday patchedVulnerability-related.PatchVulnerabilitythree high-severity vulnerabilities that could allow the escalation of privileges across an array of products . Overall , the chip giant fixedVulnerability-related.PatchVulnerabilityfive bugs – three rated high-severity , and two medium-severity . The most concerning of these bugs is an escalation-of-privilege glitch in Intel ’ s PROset/Wireless Wi-Fi software , which is its wireless connection management tool . The vulnerability , CVE-2018-12177 , has a “ high ” CVSS score of 7.8 , according to Intel ’ s update . “ Intel is releasingVulnerability-related.PatchVulnerabilitysoftware updates to mitigateVulnerability-related.PatchVulnerabilitythis potential vulnerability , ” it said , urging users to updateVulnerability-related.PatchVulnerabilityto version 20.90.0.7 or later of the software . The vulnerability , reportedVulnerability-related.DiscoverVulnerabilityby Thomas Hibbert of Insomnia Security , stems from improper directory permissions plaguing the software ’ s ZeroConfig service in versions before 20.90.0.7 . The issue could allow an authorized user to potentially enable escalation of privilege via local access . The other high-severity bug exists inVulnerability-related.DiscoverVulnerabilitythe company ’ s System Support Utility for Windows , which offers support for Intel-packed Windows device users . This bug ( CVE-2019-0088 ) is due to insufficient path checking in the support utility , allowing an already-authenticated user to potentially gain escalation of privilege via local access . The vulnerability has a CVSS score of 7.5 . 
Versions of System Support Utility for Windows before 2.5.0.15 are impactedVulnerability-related.DiscoverVulnerability; Intel recommendsVulnerability-related.PatchVulnerabilityusers updateVulnerability-related.PatchVulnerabilityto versions 2.5.0.15 or later . Independent security researcher Alec Blance was credited with discoveringVulnerability-related.DiscoverVulnerabilitythe flaw . The chip-maker also patchedVulnerability-related.PatchVulnerabilitya high-severity and medium-severity flaw in its Software Guard Extensions ( SGX ) platform and software , which help application developers to protect select code and data from disclosure or modification . “ Multiple potential security vulnerabilities in Intel SGX SDK and Intel SGX Platform Software may allow escalation of privilege or information disclosure , ” saidVulnerability-related.DiscoverVulnerabilityIntel . The high-severity flaw in SGX ( CVE-2018-18098 ) has a CVSS score of 7.5 and could allow an attacker with local access to gain escalated privileges . The vulnerability is rooted inVulnerability-related.DiscoverVulnerabilityimproper file verification in the install routine for Intel ’ s SGX SDK and Platform Software for Windows before 2.2.100 . It was discoveredVulnerability-related.DiscoverVulnerabilityby researcher Saif Allah ben Massaoud . Another vulnerability in the platform ( CVE-2018-12155 ) is only medium in severity , but could allow an unprivileged user to cause information disclosure via local access . That ’ s due to data leakageAttack.Databreachin the cryptographic libraries of the SGX platform ’ s Integrated Performance Primitives , a function that provides developers with building blocks for image and data processing . And finally , a medium escalation of privilege vulnerability in Intel ’ s SSD data-center tool for Windows has been patchedVulnerability-related.PatchVulnerability. 
“Improper directory permissions in the installer for the Intel SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access,” said Intel’s update. The company recommends users update to v3.0.17 or later. Intel’s patch comes during a busy patch Tuesday week, which includes fixes from Adobe and Microsoft.
A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday. As Ars reported Monday, the authentication bypass vulnerability resides in a feature known as Active Management Technology. AMT, as it's usually called, allows system administrators to perform a variety of powerful tasks over a remote connection. Among the capabilities: changing the code that boots up computers, accessing the computer's mouse, keyboard, and monitor, loading and executing programs, and remotely powering on computers that are turned off. In short, AMT makes it possible to log into a computer and exercise the same control enjoyed by administrators with physical access. AMT, which is available with many vPro processors, was set up to require a password before it could be remotely accessed over a Web browser interface. But, remarkably, that authentication mechanism can be bypassed by entering no text at all. According to a blog post published Friday by Tenable Network Security, the cryptographic hash that the interface's digest access authentication requires to verify someone is authorized to log in can be anything at all, including no string at all. "Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote. "We had discovered a complete bypass of the authentication scheme."
A separate technical analysis from Embedi, the security firm Intel credited with first disclosing the vulnerability, arrived at the same conclusion. Embedi e-mailed the analysis to reporters, but didn't publish it online. Making matters worse, unauthorized accesses typically aren't logged by the PC because AMT has direct access to the computer's network hardware. When AMT is enabled, all network packets are redirected to the Intel Management Engine and from there to the AMT. The packets bypass the OS completely. The vulnerable management features were made available in some but not all Intel chipsets starting in 2010, Embedi has said. In a blog post published Friday, Intel officials said they expect PC makers to release a patch next week. The releases will update Intel firmware, meaning patching will require that each vulnerable chip set is reflashed. In the meantime, Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers. Systems that test positive should be temporarily secured using this mitigation guide until a patch is supplied. Computer makers Fujitsu, HP, and Lenovo have also issued advisories for specific models they sell.
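Because the PC itself does not log these accesses, network or proxy captures of traffic to the management interface are one place a defender can look. The following is an added example, not code from the article, Tenable, Embedi or Intel: it flags Digest `Authorization` headers whose `response` field is missing, empty or not a 32-hex-digit value. The record format, addresses and header values are constructed, and MD5-based digest authentication (RFC 2617) is assumed.

```python
import re

# Digest parameters are comma-separated key="value" or key=value pairs.
_PARAM = re.compile(r'(\w+)\s*=\s*(?:"([^"]*)"|([^,\s]*))')
# Assumption: MD5 digest auth, so a valid response is 32 hex digits.
_MD5_HEX = re.compile(r'^[0-9a-fA-F]{32}$')


def parse_digest(header_value):
    """Return the parameters of an 'Authorization: Digest ...' value, or None."""
    scheme, _, rest = header_value.strip().partition(" ")
    if scheme.lower() != "digest":
        return None
    params = {}
    for m in _PARAM.finditer(rest):
        quoted, bare = m.group(2), m.group(3)
        params[m.group(1).lower()] = quoted if quoted is not None else bare
    return params


def classify(header_value):
    """Label a header by the shape of its response field."""
    params = parse_digest(header_value)
    if params is None:
        return "not-digest"
    response = params.get("response")
    if response is None:
        return "missing-response"
    if response == "":
        return "empty-response"
    if not _MD5_HEX.match(response):
        return "malformed-response"
    # Well-formed only: whether the hash is correct is for the server to decide.
    return "well-formed"


def suspicious(records):
    """Return (client, label) for every record worth an analyst's attention."""
    bad = {"missing-response", "empty-response", "malformed-response"}
    return [(src, classify(h)) for src, h in records if classify(h) in bad]


# Constructed records: (client address, Authorization header value).
SAMPLE = [
    ("192.0.2.10", 'Digest username="admin", realm="mgmt", nonce="n1", uri="/index.htm", '
                   'response="6629fae49393a05397450978507c4ef1", qop=auth, nc=00000001, cnonce="c1"'),
    ("192.0.2.66", 'Digest username="admin", realm="mgmt", nonce="n2", uri="/index.htm", '
                   'response="", qop=auth, nc=00000001, cnonce="c2"'),
    ("192.0.2.67", 'Digest username="admin", realm="mgmt", nonce="n3", uri="/index.htm", response="abc"'),
    ("192.0.2.11", "Basic dXNlcjpwYXNz"),
]
```

A well-formed response can still carry the wrong hash, so this check only surfaces the malformed and empty cases; it does not replace applying the firmware update.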