CVE-2019-14308

Several Ricoh printers have multiple buffer overflows parsing LPD packets, which allow an attacker to cause a denial of service or code execution via crafted requests to the LPD service. Affected firmware versions depend on the printer models. One affected configuration is...

This Week in Security News: DevOps Implementation Concerns and Malware Variants

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how most respondents to a Trend Micro survey shared their concern for the risks in implementing DevOps. Also, read on about how...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-1125: Fix Spectre V1 variant memory disclosure by speculation over the SWAPGS instruction bsc1139358. - CVE-2019-10207: A NULL pointer dereference was possible i...

Debian DLA-1885-1 : linux-4.9 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-18509 Denis Andzakovic reported a missing type check in the IPv4 multicast routing implementation. A user with the CAPNETADMIN capability in a...

Design/Logic Flaw

An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.2...

[SECURITY] [DLA 1884-1] linux security update

Package : linux Version : 3.16.72-1 CVE ID : CVE-2017-18509 CVE-2018-20836 CVE-2019-1125 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of...

Debian DLA-1884-1 : linux security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-18509 Denis Andzakovic reported a missing type check in the IPv4 multicast routing implementation. A user with the CAPNETADMIN capability in a...

NewStart CGSL MAIN 5.04 : dracut Vulnerability (NS-SA-2019-0016)

The remote NewStart CGSL host, running version MAIN 5.04, has dracut packages installed that are affected by a vulnerability: - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance...

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

A new variant of the Spectre Variant 1 side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerabili...

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...

UBUNTU-CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would have to log on to an...

July 9, 2019—KB4507462 (Monthly Rollup)

July 9, 2019—KB4507462 Monthly Rollup July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use unconstrained...

July 9, 2019—KB4507464 (Security-only update)

July 9, 2019—KB4507464 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...

July 9, 2019—KB4507461 (Security-only update)

July 9, 2019—KB4507461 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...

July 9, 2019—KB4507457 (Security-only update)

July 9, 2019—KB4507457 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...

July 9, 2019—KB4507456 (Security-only update)

July 9, 2019—KB4507456 Security-only update July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain controllers will intentionally block unconstrained delegation across forest, external, and quarantined trusts. Authentication requests for services that use...

July 9, 2019—KB4507458 (OS Build 10240.18275)

July 9, 2019—KB4507458 OS Build 10240.18275 For more information about the various types of Windows updates, such as critical, security, driver, service packs, etc., please see the following article. July 19, 2019 - IMPORTANT: Beginning with the July 2019 updates, Active Directory domain...

July 9, 2019—KB4507455 (OS Build 16299.1268)

July 9, 2019—KB4507455 OS Build 16299.1268 Reminder: March 12 and April 9 will be the last two Delta updates for Windows 10, version 1709. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please vis...

July 9, 2019—KB4507450 (OS Build 15063.1928)

July 9, 2019—KB4507450 OS Build 15063.1928 Reminder: March 12 and April 9 will be the last two Delta updates for Windows 10, version 1703. Security and quality updates will continue to be available via the express and full cumulative update packages. For more information on this change please vis...

July 9, 2019—KB4507453 (OS Build 18362.239)

July 9, 2019—KB4507453 OS Build 18362.239 Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard. Note This release also contains updates for Microsoft HoloLens OS Build 18362.1024 released July 9, 2019. Microsoft will release an update directly ...