Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-340.08.20.20: TT-CSIRT ADVISORY – Microsoft Issues Emergency Security Updates for Windows 8.1 and Server 2012 R2

Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two recently disclosed security vulnerabilities. Tracked as CVE-2020-1530 and CVE-2020-1537, both flaws reside in the Remote Access Service (RAS), in the way it manages memory and file operations, and could let remote attackers gain elevated …

TTCSIRT-339.08.19.20: TT-CSIRT ADVISORY – Google Chrome Zero-Day That Allows Attackers To Fully Bypass CSP Rules

A zero-day vulnerability has been affecting Chromium-based browsers such as Chrome, Opera and Edge on Windows, Mac, and Android. More importantly, it allows attackers to completely bypass the CSP rules on Chrome versions 73 (March 2019) through 83 (July 2020). CSP is a mechanism that has a set of rules that are …

TTCSIRT-338.08.19.20: TT-CSIRT ADVISORY – Microsoft Windows Kernel Information Disclosure

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. Successful exploitation of this vulnerability would allow a remote attacker to …

TTCSIRT-337.08.19.20: TT-CSIRT ADVISORY – Microsoft Internet Explorer Scripting Engine Memory Corruption

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this …

TTCSIRT-336.08.19.20: TT-CSIRT ADVISORY – RESEARCHER PUBLISHES PATCH BYPASS FOR VBULLETIN 0-DAY

A security researcher has published proof-of-concept code to outsmart a patch issued last year for a zero-day vulnerability discovered in vBulletin, a popular software for building online community forums. This allows an attacker to run malicious code and take over forums without needing to authenticate on the sites that are under attack. The unidentified security …

TTCSIRT-335.08.19.20: TT-CSIRT ADVISORY – TEAMVIEWER FLAW IN WINDOWS APP ALLOWS PASSWORD-CRACKING

A vulnerability has been discovered in TeamViewer, which could allow for offline password cracking. TeamViewer is a program used for remote control, desktop sharing, online meetings, web conferencing, and file transfer between systems. Successful exploitation of this vulnerability could allow an attacker to launch TeamViewer with arbitrary parameters. The program could be forced to relay …

TTCSIRT-334.08.19.20: TT-CSIRT ADVISORY – POTENTIAL REMOTE VULNERABILITY IN SECURE MESSAGING GATEWAY MICRO FOCUS

A potential vulnerability has been identified in Secure Messaging Gateway. The Secure Messaging Gateway appliance on SLES had a potential vulnerability in the DKIM key management page. A logged-in user with rights to generate DKIM key information could inject system commands into the call to the DKIM system command by setting the domain parameter …

TTCSIRT-333.08.19.20: TT-CSIRT ADVISORY – MAC MALWARE XCSSET CAMPAIGN

Security researchers at Trend Micro have discovered a new campaign that uses developers as a means to spread the XCSSET suite of malware to unsuspecting Mac users. XCSSET is a new Mac malware strain that is capable of hijacking Apple’s Safari web browser and injecting malicious JavaScript payloads that can steal passwords, financial data and personal information. While cybercriminals …

TTCSIRT-332.08.12.20: TT-CSIRT ADVISORY – CITRIX ENDPOINT MANAGEMENT (CEM) SECURITY UPDATE

Multiple vulnerabilities have been discovered in Citrix Endpoint Management (CEM), also referred to as XenMobile. These vulnerabilities have the following identifiers: CVE-2020-8208, CVE-2020-8209, CVE-2020-8210, CVE-2020-8211, CVE-2020-8212. The following versions of Citrix Endpoint Management (CEM) are affected by critical severity vulnerabilities: XenMobile Server 10.12 before RP2; XenMobile Server 10.11 before RP4; XenMobile Server 10.10 before RP6; XenMobile Server before 10.9 RP5. Users affected by these critical severity vulnerabilities are strongly recommended to …

TTCSIRT-331.08.03.20: TT-CSIRT ADVISORY – CISCO RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page via the link provided (https://tools.cisco.com/security/center/publicationListing.x). Below are Critical Cisco Vulnerabilities with the relevant links to give a …