a security vulnerability that allows for arbitrary code execution in malicious repositories, Microsoft reports. The vulnerability, CVE-2018-11235, was addressed and fixed in Git 2.17.1 and Git for Windows 2.17.1 (2), which were both released today. In addition, the Visual Studio Team Services (VSTS) team has blocked malicious repositories from being pushed to VSTS to ensure that Visual Studio cannot be used as a vector for transmitting malicious repositories to clients who have not yet patched their clients. The vulnerability is caused when repositories are cloned. When cloning a repository, Git checks out the parent repository into the working directory as it prepares to clone the submodule. Then, Git realizes that it does not need to perform the clone of the submodule because the submodule's repository already exists on the disk from when it was checked in to the parent, and then was written to the working directory when the parent repository was checked out. According to Microsoft, the problem lies in the fact that when Git repositories are cloned, there are important configuration details not obtained from the server, such as hooks, which are scripts that can be run at certain points in the Git workflow. The configuration is not cloned from a remote server because that would lead to a vulnerability where remote servers could provide code that would be executed on the end user's computer. Unfortunately, with the new vulnerability, that is exactly what happens, Microsoft explained. Because the submodule's repository is checked in to a parent repository, it is not actually cloned. Therefore, the submodule repository can already have a hook configured.
Additionally, if a user recursively cloned a malicious parent repository, it first checks out the parent, reads the submodule's checked-in repository and prepares to write that submodule to the working directory, then it executes post-checkout hooks, Microsoft explained. In order to eliminate this vulnerability, submodule folder names are examined more closely by Git clients. Now, submodule folder names can no longer contain ".." as a path segment and they cannot be symbolic links. As a result, they now will have to be within the .git repository folder instead of in the actual repository's working directory. According to Microsoft, Git now refuses to work with repositories that do not follow this newly specified configuration. Visual Studio Team Services and other hosting providers will also reject users from pushing repositories that do not adhere to this submodule configuration to protect clients that have not been patched yet.
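The folder-name rule described above, as an added example (not Git's or Microsoft's code): a simplified `.gitmodules` audit that flags submodule names containing `..` as a path segment and, when a checked-out work tree is supplied, submodule paths that are symbolic links. The parser, the function names, the choice to test each submodule's `path` entry for symlinks, and the sample input are assumptions made for illustration.

```python
import os
import re

# Simplified parser for [submodule "name"] sections; Git's escape rules are not handled.
SECTION_RE = re.compile(r'^\s*\[submodule\s+"(?P<name>.*)"\]\s*$')
KEY_RE = re.compile(r'^\s*(?P<key>[A-Za-z][A-Za-z0-9-]*)\s*=\s*(?P<value>.*?)\s*$')

def parse_gitmodules(text):
    """Return {submodule name: {key: value}} from .gitmodules text."""
    modules, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = modules.setdefault(m.group("name"), {})
            continue
        m = KEY_RE.match(line)
        if m and current is not None:
            current[m.group("key").lower()] = m.group("value")
    return modules

def has_dotdot_segment(name):
    """True if '..' is a whole path segment ('/' or '\\' separated)."""
    return ".." in re.split(r"[/\\]", name)

def audit(gitmodules_text, worktree=None):
    """Return (name, reason) findings; the symlink check needs a work tree."""
    findings = []
    for name, cfg in parse_gitmodules(gitmodules_text).items():
        if has_dotdot_segment(name):
            findings.append((name, "name has '..' path segment"))
        path = cfg.get("path")
        if worktree and path and os.path.islink(os.path.join(worktree, path)):
            findings.append((name, "submodule path is a symbolic link"))
    return findings

# Constructed sample input, not taken from a real repository.
SAMPLE = '''[submodule "libs/ok"]
\tpath = libs/ok
\turl = https://example.invalid/ok.git
[submodule "../outside"]
\tpath = outside
\turl = https://example.invalid/outside.git
'''

if __name__ == "__main__":
    for name, reason in audit(SAMPLE):
        print(f"{name}: {reason}")
```

A name such as `version..2` is not flagged, because `..` only counts when it forms a complete path segment.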
The ransomware is linked to a leaked vulnerability originally kept by the National Security Agency. Major corporations across the world have been hit by a wave of ransomware attacks that encrypt computers and then demand that users pay $300 to a bitcoin address to restore access. While countries across Europe — the United Kingdom, Ukraine, Spain and France, to name a few — were hit hardest by the outbreak, the virus has now spread to the United States. Today, one of the largest drug makers in the U.S., Merck, reported being infected by the malware, as did the multinational law firm DLA Piper, which counts more than 20 offices in the U.S. Heritage Valley Health Systems, a health care network that runs two hospitals in Western Pennsylvania, also confirmed in a statement to Recode on Tuesday that it was a victim of the same ransomware attack that has spread around the globe. At least one surgery had to be postponed because of the hack, according to a woman interviewed by Pittsburgh Action News 4. The malware, which has been dubbed NotPetya, has been confirmed by multiple security firms to resemble the WannaCry ransomware attack, which in May infected hundreds of thousands of computers by taking advantage of a National Security Agency hacking tool called Eternal Blue. That exploit was leaked last April by a hacker or group of hackers called ShadowBrokers. Eternal Blue takes advantage of a vulnerability in the Windows operating system, for which Microsoft issued a patch earlier this year. Not all Windows users installed the update — hence one of the reasons WannaCry was able to spread.
“Our initial analysis found that the ransomware uses multiple techniques to spread, including one which was addressed by a security update previously provided for all platforms from Windows XP to Windows 10,” Microsoft said in a statement to Recode. Microsoft further advised users to exercise caution when opening files in emails from unknown sources, since malware is often spread through email attachments. Microsoft also noted that its antivirus software is capable of detecting and removing the ransomware. Ukraine appears to have been the country most affected by today's ransomware outbreak, according to a chart shared in a tweet by Costin Raiu, the director of a global research team with Kaspersky Lab.