FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for...

Microsoft .NET Framework Information Disclosure Vulnerability (KB5020689)

This host is missing an important security update according to Microsoft KB5020689 Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Microsoft .NET Framework Information Disclosure Vulnerability (KB5020688)

This host is missing an important security update according to Microsoft KB5020688 Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Node.js follow-redirects is used by IBM Robotic Process Automation as part of API Server functionality CVE-2022-0536. Madialize URI.js module for NPM is used by IBM Robotic Process Automation as par...

January 19, 2023-KB5022479 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11

January 19, 2023-KB5022479 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 11 Release Date: January 19, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Note: Revised on Jun 20, 2023 to add known issue. Summary This article describes the Cumulative Update for 3.5, 4.8 a...

January 19, 2023-KB5022478 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2

January 19, 2023-KB5022478 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 Release Date: January 19, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Note: Revised on Jun 20, 2023 to add known issue. Summary This article describes the Cumulative Update f...

Moderate: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Moderate: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Moderate: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RLSA-2023:0079 Moderate: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The...

.NET 6.0 security, bug fix, and enhancement update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

ALSA-2023:0079 Moderate: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The...

Moderate: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The...

Moderate: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.113 and .NET Runtime 6.0.13. The...

The vulnerability in the programming interface of DirectWrite on the Microsoft .NET Framework software platform, as well as in Microsoft Office applications, the Live Meeting web conference software, Microsoft Lync instant messaging software, and the Microsoft Silverlight software platform, arises due to errors in syntax analysis of TrueType fonts. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the DirectWrite programming interface on the Microsoft .NET Framework, Microsoft Office applications, the web conferencing software Live Meeting, the instant messaging software Lync, and the Microsoft Silverlight platform is related to errors in syntax analysis of TrueType...

Microsoft Security Update Validation Report December 2022

Microsoft’s December 2022 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...

Security Updates for Microsoft .NET Framework (December 2022)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in the handling of XPS files. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted fr...

CVE-2022-41089

.NET Framework Remote Code Execution Vulnerability...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5021089)

This host is missing an important security update according to Microsoft KB5021089 Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5020873)

This host is missing an important security update according to Microsoft KB5020873 Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...