TTCSIRT-392.04.15.21 TTCSIRT ADVISORY- APPLY MICROSOFT APRIL 2021 SECURITY UPDATE TO MITIGATE NEWLY DISCLOSED MICROSOFT EXCHANGE VULNERABILITIES

  • Home
  • Archive for category "Security Advisories"
TTCSIRT-392.04.15.21 TTCSIRT ADVISORY- APPLY MICROSOFT APRIL 2021 SECURITY UPDATE TO MITIGATE NEWLY DISCLOSED MICROSOFT EXCHANGE VULNERABILITIES
By

Microsoft’s April 2021 Security Update mitigates significant vulnerabilities affecting on-premises Exchange Server 2013, 2016, and 2019. An attacker could exploit these vulnerabilities to gain access and maintain persistence on the target host. The Cybersecurity & Infrastructure Security Agency (CISA) strongly urges organizations to apply Microsoft’s April 2021 Security Update to mitigate against these newly disclosed vulnerabilities. […]

Read More
TTCSIRT- 391.03.17.21: TTCSIRT ADVISORY- MICROSOFT RELEASES EXCHANGE ON-PREMISES MITIGATION TOOL
By

Microsoft has released the Exchange On-premises Mitigation Tool (EOMT.ps1) that can automate portions of both the detection and patching process. Microsoft stated the following along with the release: “[the tool is intended] to help customers who do not have dedicated security or IT teams to apply these security updates. The United States of America’s Cybersecurity and Infrastructure […]

Read More
TTCSIRT-390.03.03.21:TTCSIRT ADVISORY – Critical Microsoft Exchange Server Security Updates
TTCSIRT-390.03.03.21:TTCSIRT ADVISORY – Critical Microsoft Exchange Server Security Updates
By

Updated for March 12, 2021   Microsoft has released out-of-band security updates to address multiple vulnerabilities affecting Microsoft Exchange Server 2013, 2016, and 2019. The United States Cyber and Infrastructure Security Agency (CISA) reports that successful exploitation of these vulnerabilities allows an attacker to execute arbitrary code on vulnerable Exchange Servers, enabling the attacker to […]

Read More
TTCSIRT-389.02.04.21: TTCSIRT ADVISORY- SMA 100 SERIES 10.X FIRMWARE ZERO-DAY VULNERABILITY
By

Please be advised that SonicWall is announcing the availability of an SMA 100 series firmware 10.2.0.5-29sv update to patch a zero-day vulnerability on SMA 100 series 10.x code. All SMA 100 series users must apply this patch IMMEDIATELY to avoid potential exploitation. Affected SMA 100 Devices with 10.x Firmware that Require the Critical Patch: Physical Appliances: SMA 200, SMA 210, SMA 400, SMA […]

Read More
TTCSIRT-388.01.19.21:TTCSIRT ADVISORY – Microsoft Defender Remote Code Execution Vulnerability
By

Please be advised that Microsoft has released a security advisory to address a remote code execution vulnerability, CVE-2021-1647, in Microsoft Defender. A remote attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. TT-CSIRT is urging all entities (public and private) to download and install […]

Read More
TTCSIRT-387.01.14.21:TTCSIRT ADVISORY – Microsoft Releases January 2021 Security Updates
By

Please be advised that Microsoft has released January 2021 Security Updates which prevents remote attackers from exploiting vulnerabilities to gain control of affected systems. The following software will be updated: Microsoft Windows Microsoft Edge (EdgeHTML-based) Microsoft Office and Microsoft Office Services and Web Apps Microsoft Windows Codecs Library Visual Studio SQL Server Microsoft Malware Protection […]

Read More
TTCSIRT-386.12.14.20:TTCSIRT ADVISORY – SUNBURST BACKDOOR
By

FireEye has uncovered a widespread campaign that they are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world. They gained access to victims via trojanized updates to SolarWind’s Orion IT monitoring and management software. FireEye stated that this campaign may have begun as early as […]

Read More
TTCSIRT-384.12.07.20: TT-CSIRT ADVISORY – Cisco Security Advisory for Vulnerability in AnyConnect
By

Cisco has released a security advisory on an Arbitrary Code Execution vulnerability—CVE-2020-3556—affecting Cisco AnyConnect Secure Mobility Client devices. A remote attacker could exploit this vulnerability to take control of an affected system. It is encouraged that users and administrators to review and apply the necessary updates or workarounds. For further information and support, please visit the following link:Cisco […]

Read More
TTCSIRT-383.12.07.20: TT-CSIRT ADVISORY – Apache Releases Security Advisory for Apache Tomcat
By

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition. It is encouraged that users and administrators review the Apache security advisory and upgrade to the appropriate version. Please visit the link below for further support:CVE-2020-17527

Read More

Quick Navigation

Partner Agencies

Subscribe to Stay Updated!

Subscribe

Follow on social media:

Facebook-f X-twitter Linkedin-in Instagram