12 matches found
EUVD-2015-8363
Malware in sbrugna...
CVE-2015-8482
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors...
July 13, 2021—KB5004285 (Security-only update)
July 13, 2021—KB5004285 Security-only update Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For more information, see the Update on Adobe Flash Player End of Support. Important: Windows 8.1 and Windows Server 2012 R2 have...
Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)
Microsoft addressed a critical remote code execution vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. Beginning with the February 9, 2021 Security Update release, Domain Controllers will be placed in enforcement mode. This will require all Windows and non-Windows...
Experts Detail A Recent Remotely Exploitable Windows Vulnerability
More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager NTLM that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 CVSS score 4.3, was described as a "remotely exploitable" bug...
The story of ZeroLogon
This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very...
Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode'
Microsoft is taking matters into its own hands when it comes to companies that haven’t yet updated their systems to address the critical Zerologon flaw. The tech giant will soon by default block vulnerable connections on devices that could be used to exploit the flaw. Starting Feb. 9, Microsoft...
Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472
Microsoft addressed a Critical RCE vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. We are reminding our customers that beginning with the February 9, 2021 Security Update release we will be enabling Domain Controller enforcement mode by default. This will block...
CVE-2021-23240
A race condition vulnerability was found in the temporary file handling of sudoedit's SELinux RBAC support. On systems where SELinux is enabled, this flaw allows a malicious user with sudoedit permissions to set the owner of an arbitrary file to the user ID of the target user, potentially leading...
3 Ways to Hunt for the ZeroLogon Vulnerability on Your Windows Servers
Vulnerability assessment and patch management can be painful time-consuming processes. From the Security team looking at vulnerability reports and prioritizing the riskiest ones for their environment to the IT or Infrastructure team determining exactly which machines need to be patched and...
Zerologon Attacks Against Microsoft DCs Snowball in a Week
A spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, known as the Zerologon bug, continues to plague businesses. That’s according to researchers from Cisco Talos, who warned that cybercriminals are redoubling their efforts to trigger the elevation-of-privilege bug i...
Design/Logic Flaw
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors...