173 matches found
PT-2017-3249
Name of the Vulnerable Software and Affected Versions Systems with microprocessors affected versions not specified Description The issue is related to speculative execution and indirect branch prediction in microprocessors, which may allow unauthorized disclosure of information to an attacker wit...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 11, 2017
If you read my weekly blog or follow me on Twitter, you know that I’m a huge sports fan. Unfortunately, when you don’t live in the town of your favorite team, you can be subject to blackout rules. So, my husband and I decided to purchase NFL Sunday Ticket from DirecTV. Fast forward to a couple of...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 13, 2017
The dreaded white, blank screen in Microsoft Word is taunting me, with its blinking cursor asking for words to be written. Just when I thought I wouldn’t get any inspiration for this week’s blog, inspiration came to me from beyond through our late CTO Raimund Genes. Earlier this week, the third...
Write Cache Drive on PVS Target Devices is Filling up Quickly After Installing Microsoft Updates (Wanna Cry)
Write cache drive is filling up quickly after installing Microsoft Updates Wanna Cry...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of July 10, 2017
Before the world of laptops, tablets and smart phones, some of us had to use paper-based solutions to keep track of our calendars and to-do lists. I used a Franklin Planner, where I kept track of my calendar as well as my never-ending to-do list. The Franklin Planner used the “ABC” system to help...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017
“What can you sit on, sleep on, and brush your teeth with?” This was the question posed to Steve Martin’s character C.D. Bales in the 1987 movie Roxanne. In a modern take of Edmond Rostand's 1897 verse play Cyrano de Bergerac, the movie centers around C.D.’s attempt to win the love of a woman whi...
Ransomware Attack Hobbles Prestigious University College London
University College London, one of the U.K.’s prestigious public research universities, has closed off access to personal and shared drives after a ransomware attack was detected late Wednesday afternoon. University officials said this morning that this was a web-based infection, reversing claims...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 8, 2017
Although I’m still dreaming of the sandy beaches of Cancun, it’s time to get back to reality. Security vulnerabilities never take a holiday and this week is no exception. In addition to our normal Digital Vaccine DV package delivered earlier this week, we also issued an out-of-band DV package to...
KLA10706 Potentially vulnerable Dell certificate
Microsoft updates Certificate Trust list to exclude potentially vulnerable eDellCert certificate. Via this vulnerability malicious can obtain sensitive information or bypass security restrictions. Technical details For further details about problem you can visit Dell blog entry related. And also ...
Microsoft February 2015 Patch Tuesday security bulletins
Microsoft’s first foray into patching Internet Explorer in 2015 is still short one zero day fix. Today’s Patch Tuesday security bulletins included a monster IE rollup taking care of 41 vulnerabilities in the browser, and another bulletin patching a Windows zero day publicly disclosed by Google’s...
Windows 9 Start Menu Demo Video Leaked Online
After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9, aka "Threshold," features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture, posted 20 screenshots on...
IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass
No description provided by source. toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858 Original advisory -...
CVE-2013-3918
creationtimestamp| type| source ---|---|--- 2013-11-11 07:00:00+00:00| seen| https://msrc.microsoft.com/blog/2013/11/activex-control-issue-being-addressed-in-update-tuesday/ 2013-11-12 07:00:00+00:00| seen|...
MS13-054: Vulnerability in GDI+ could allow remote code execution: July 9, 2013
Resolves a vulnerability that could allow remote code execution on a client system if a user opens a specially crafted document or visits a specially crafted webpage that embeds TrueType font files.View products that this article applies to.IntroductionThis update resolves a vulnerability that...
MS11-099: Cumulative Security Update for Internet Explorer (2618444)
The remote host is missing Internet Explorer IE Security Update 2618444. The installed version of IE is affected by several vulnerabilities that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid57285...
Get Ready for Microsoft 13 updates for August Patch Tuesday
Get Ready for Microsoft 13 updates for August Patch Tuesday Microsoft has announced that it will release 13 bulletins to address 22 vulnerabilities in Windows, Office, Internet Explorer, .NET and Visual Studio on its next Patch Tuesday. Another "critical" bulletin affects Windows server operating...
Microsoft Windows Internet Protocol Validation Remote Code Execution Vulnerability
Description Microsoft Windows is reported prone to a remote code execution vulnerability. It is reported that the vulnerability manifests when an affected Microsoft platform receives and processes an especially malformed TCP/IP packet. Reports indicate that the immediate consequences of...
Microsoft SQL Server Web Task Stored Procedure Privilege Escalation Vulnerability
Description Microsoft has reported a vulnerability in SQL Server. According to the report, the vulnerability may be exploited by malicious database users to elevate privileges. Web tasks create HTML files containing queried data. They are invoked with a stored procedure. By default, the privilege...
StorSimple Virtual Array Regular Updates
This product category is to be used for StorSimple Virtual Array Updates...
Azure Connected Machine Agent - GA version
Updates for the Azure Connected Machine Agent...