Linux Vulnerabilities of the Week: January 29, 2021


Are you caught up on January's Linux vulnerabilities? See this week's top issues and keep your IT environment protected.


1. Samba update for Amzn1 (Amazon AWS), Red Hat Enterprise 6, 7, 8 & Red Hat Storage 3

Vendor Severity: Critical
CVSS Score: 10

A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges.

CVE Reference(s): CVE-2020-14318, CVE-2020-14323, CVE-2020-1472


2. Libxslt update for Amzn1 (Amazon AWS)

Vendor Severity: Medium
CVSS Score: 9.8

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. (CVE-2019-11068).
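The fail-open pattern described for CVE-2019-11068, as an added illustration that is not libxslt's code. `check_read` is a hypothetical stand-in for a tri-state check (1 allow, 0 deny, -1 error), and its rules and the sample URLs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical tri-state policy check (constructed rules, not libxslt's):
 *   1 = read allowed, 0 = read forbidden, -1 = URL could not be evaluated. */
int check_read(const char *url)
{
    if (url == NULL || strchr(url, '%') != NULL)
        return -1;                  /* toy rule: escapes are "unparsable" */
    if (strncmp(url, "file:///etc/", 12) == 0)
        return 0;                   /* toy policy: this prefix is forbidden */
    return 1;
}

/* Flawed caller: only an explicit 0 blocks the load, so the -1 error
 * result falls through and the resource is loaded anyway. */
int load_fail_open(const char *url)
{
    int ret = check_read(url);
    if (ret == 0)
        return 0;                   /* denied */
    return 1;                       /* loaded */
}

/* Hardened caller: anything other than an explicit "allowed" is refused,
 * so an error in the check can no longer be turned into access. */
int load_fail_closed(const char *url)
{
    int ret = check_read(url);
    if (ret <= 0)
        return 0;                   /* denied on "forbidden" and on "error" */
    return 1;                       /* loaded */
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = {
        "file:///tmp/style.xsl",      /* allowed by policy      */
        "file:///etc/sample.conf",    /* forbidden by policy    */
        "file:///tmp/report%zz.xml",  /* check returns an error */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s check=%2d fail_open=%d fail_closed=%d\n",
               samples[i], check_read(samples[i]),
               load_fail_open(samples[i]), load_fail_closed(samples[i]));
    return 0;
}
```

The two callers differ only on the third input, which is the case worth grepping for when auditing callers of any check that returns a negative error code.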

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn’t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. (CVE-2019-18197).

CVE Reference(s): CVE-2019-11068, CVE-2019-18197


3. Slurm security update for Suse Enterprise 15 SP1

Vendor Severity: Moderate
CVSS Score: 9.8

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.

CVE Reference(s): CVE-2020-27745, CVE-2020-27746


4. Kernel security update for Oracle Linux 6 & 7

Vendor Severity: Important
CVSS Score: 8.8

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9009 advisory.

CVE Reference(s): CVE-2020-27673, CVE-2020-29568, CVE-2020-29569, CVE-2020-28374


5. Red Hat Ceph Storage 4.2 Security and Bug Fix update for Red Hat Enterprise 7

Vendor Severity: Critical
CVSS Score: 10

ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila (CVE-2020-27781).

ceph: CEPHX_V2 replay attack protection lost (CVE-2020-25660).

ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file (CVE-2020-25677).

CVE Reference(s): CVE-2020-25660, CVE-2020-25677, CVE-2020-27781.


Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.


Still Relying on WSUS? Here’s Why You Can’t


In one of the worst patch rollouts in Windows history, Microsoft's surprise zero-day patch for IE was released, but not released, then pushed sporadically, but only in preview, and never explained.

Microsoft’s Patch Disaster

Last week, Microsoft ordered users to immediately download an “emergency” out-of-band security patch meant to close up a security flaw in some versions of Internet Explorer that can be exploited by hackers.

Specifically, the IE zero-day vulnerability (CVE-2019-1367) is a remote code execution flaw that could easily enable an attacker to remotely run malicious code on an affected device and take it over. This vulnerability is so serious that Homeland Security also issued an advisory telling users to download the patch immediately.

But not so fast.

ComputerWorld’s Woody Leonhard reports that, “in what may be the worst rollout in modern Windows patching history, Microsoft rolled all over itself in its handling of IE security hole CVE-2019-1367.” You can read about the full timeline here, but this is what Leonhard concluded:

“September’s surprise zero-day patch for Internet Explorer hole CVE-2019-1367—released, but not released, then pushed sporadically, but only in preview, and never explained.”

In other words, the patch for this serious vulnerability wasn’t available through Windows Update or the Update Server; it was only available as a manual download from the Catalog.

Nevertheless, all Windows users are strongly advised to patch as soon as possible. And remember, if your organization is relying on WSUS to deploy patches, you are still at risk for CVE-2019-1367.

Syxsense can scan all your machines, deploy the patch, and report back the all clear. We take patching seriously, and you can start a trial of Syxsense here.


Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.

Network Map: Visualize Your IT Security


View Any IT Issue at a Glance

Syxsense’s Network Map puts the answers to IT’s burning questions on a single screen: Can I see every device connected to my network, and how vulnerable to attack are these devices?
Through color coding, critically vulnerable devices alert you to weak links in your security infrastructure.

With a click of a mouse, start a task to immediately patch “Red” devices. Mouse over any device to see exact numbers of how many critical, high, medium or low vulnerabilities you have. Double click to view inventory, a timeline of any changes on the device, and patching history.


By setting up a regular maintenance window, your devices will be fully patched, and a glance at this global network map confirms your compliance. It gives auditors, executives, IT directors and most importantly, you, peace of mind that hackers, phishing, or ransomware cannot exploit your business.

Why choose Syxsense?
1. Detection: With Realtime security information, Syxsense displays the current state of your devices and software. This is a reflection of right now; not minutes or hours ago.
2. Roll Back Patches: Not only can you deploy updates with a strategic method, but the Patch Manager can also uninstall updates. The task can be configured to remove a specific update, or group of updates, from all devices or just a selection of them.


3. Task Status and Reporting: Along with that Realtime data display comes accurate task status information. You can follow along as the task runs and analyze which devices succeeded or failed to implement the update. From there, our reporting section organizes vital information into easy to understand reports. These are perfect for emailing out to prove needed work has been completed effectively.


The Power of Realtime Security

Syxsense Realtime Security manages devices inside and outside your network, roaming laptops, Servers, Desktops, and IoT devices. With Realtime Security we’ve added both this network map and the ability to see and kill virulent malignant processes acting on your network.

Rare Red Hat Critical Update


Linux Patches Security Concerns with Firefox

Almost at urban legend status, Red Hat rarely rates updates as critical. Well, it’s not myth now, as an update is available for Red Hat Enterprise Linux 6 and 7. With a CVSS score of 8.8, we are recommending this update be actioned quickly.
An important fact to note: after installing the update, Firefox must be restarted for the changes to take effect.
This update upgrades Firefox to version 60.5.0 ESR.

Security Fixes:
• Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500)
• Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501)
• Mozilla: Privilege escalation through IPC channel messages (CVE-2018-18505)

Is your patching strategy ready?

Having a strategic patch roll-out implemented is key to secure software updating. However, your plan and patching software must be flexible enough to deal with a rogue critical update. Will you be ready to jump into action when an emergency security update is released?

With Syxsense, you have the stability of a strategic roll-out, but also the capabilities of a response team. This solution can patch devices with Windows, Mac, or Linux operating systems. Our content library has a wide range of major software vendors.
Learn more about securing your devices in Syxsense Realtime Security.


Patch Now: Chrome and Firefox Vulnerable


Update Your Browsers

New releases for Chrome and Firefox address security concerns.
Two of the most widely used internet browsers, Chrome and Firefox, have released updates for 65 security flaws.
Of these security patches, 4 have a ‘critical’ severity rating and 19 are rated as ‘high’. Chrome 72 will also warn users when they visit a spoofed URL.
These updates are available for both browsers on Linux, Mac, and Windows.

What’s the simplest way to update my browsers?
Keeping internet browsers across your company up to date can be surprisingly easy, with the right solution. Syxsense provides detection and remediation of critical updates.


With a comprehensive patch scan, you’ll see all the devices that require updates. If you are wondering about the status of a specific software, run a targeted scan seeking a specific software. Both are easily set up and can be repeated regularly with our maintenance windows.

From there, it’s simple to set up a task that targets every device that needs updates. It’s time to switch to an IT management solution that can deploy any security updates required.
Get started with Syxsense’s patching capabilities and experience all the intuitive features.


Top 10 Most Out-of-Date Programs


Millions of PCs Are Running Outdated Versions of Popular Software

55% of all programs worldwide are out-of-date
It is 2019, and millions of computers still either have at least one outdated application installed or run outdated operating systems, making themselves vulnerable to online threats and known security vulnerabilities/exploits.
Many outdated applications, including frameworks and tools, contain vulnerabilities and for security reasons should be updated immediately.

For example, in May 2018 7-ZIP fixed an issue in the RAR extraction logic that could allow a DoS attack or execute harmful code embedded in RAR files.
Another popular example is Java: Versions 6, 7 and 8 are still widely installed and no longer up-to-date. Even users who are on the latest Java version 10 release should check for updates regularly to avoid any security issues.
One of the most out-of-date applications is the VLC Media Player. This is likely due to older versions of the software not notifying the users about updates. Skype closely follows, as most users are still on the older version, Skype 7 Classic. Microsoft has not enforced the update to the new Skype 8, but has been gathering user feedback and encouraging users to upgrade.


Most Out-of-Date Programs

1. Adobe Shockwave
2. VLC Media Player
3. Skype
4. Java Runtime Environment 6-8
5. 7-Zip Filemanager
6. Foxit Reader
7. Adobe Air
8. IrfanView
9. Mozilla Firefox
10. DivX Plus Web Player

11. WinZip
12. iTunes
13. Nitro PDF Professional 9
14. GOM Media Player
15. WinRAR Archiver
16. Skype 8
17. Java Runtime Environment 10
18. Nitro PDF Professional 10
19. Mozilla Thunderbird
20. Mozilla HP Photo Creations

Use Syxsense to detect and then remediate updates. While you could run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. Easily see which devices are running which version of an application that might be at risk. From there, it’s simple to set up a task that targets every device that needs the update.


January Third-Party Security Updates


Latest Third-Party Updates

This month there are several notable updates with CVSS ratings. Apple has released critical fixes for two of their OS platforms. Adobe and Foxit both have patches with high ratings. Prioritize these updates when securing your environment.

Still using WSUS?

If so, how are you deploying third-party security updates?
It’s time to switch to an IT management solution that can deploy any security updates required. Don’t rely on an incomplete tool that can only deploy Windows updates. Syxsense can deploy a wide range of updates, including Windows, Mac, and Linux software.


Third-Party Updates

| Vendor | Category | Patch Version and Release Notes | CVSS Score and Rating |
| --- | --- | --- | --- |
| Adobe | Multi-purpose software | Flash Player, ActiveX, and AIR: v32.0.0.114 | N/A |
| Adobe | Multi-purpose software | Acrobat and Reader DC: v19.010.20069 | 7.8 and High |
| Apple | Operating Systems | macOS: v10.14.3 | 9 and Critical |
| Apple | Operating Systems | macOS High Sierra: v10.13.6 | 9 and Critical |
| Apple | Operating Systems | iTunes: v12.9.3.3 | N/A |
| Don Ho | Text and Source Code Editor | Notepad: v7.6.3 | N/A |
| Evernote | Organization App | Evernote: v6.17.6.8292 | N/A |
| FileZilla | FTP application | FileZilla: v3.40.0 | N/A |
| Foxit Corporation | PDF software | FoxitReader: v9.4.0 | 6.3 and High |
| Google | Browser | Google Earth Pro: v7.3.2.5495 | N/A |
| KeePass | Open-source password manager | KeePass: v2.41 | N/A |
| Mozilla | Browser and Email Application | Firefox: v64.0.2 | N/A |
| Opera | Web Browser | Opera: v58.0.3135.47 | N/A |
| Oracle | Computer Programming Language | Java: v8u202 | N/A |
| Peter Pawlowski | Audio Player | Foobar2000: v1.4.2 | N/A |
| RealVNC | Remote Access Software | RealVNC Viewer: v6.19.1 | N/A |
| WinSCP | Web Client | WinSCP: v5.13.7 | N/A |
| Wireshark | Open-source packet analyzer | Wireshark: v2.6.6 | N/A |

Future Windows 10 Updates Will Demand Dedicated Disk Space


The Next Upgrade Will Section Off 7GB of Storage

Due sometime in March or April, the next Windows update will do something new. 1903 will section off and hold 7GB of drive space. This sectioning is being called “reserved storage” and Microsoft argues it will improve functionality by guaranteeing there will always be space for critical OS functions.
Windows updates have always required a chunk of storage space to run the update. But after the task had been completed, that space was released back to the user. Now, it will create a section that will always be held. However, new updates will utilize this new portion before attempting to take any more space in an update.

There are still unknowns about how this will work. For instance, will this reserved storage space be manageable through group policies?
This change leaves IT with an important question: do all Windows devices have the necessary space to facilitate this new demand? To avoid going to every single device and noting its current storage space, utilize an IT solution with comprehensive inventory information.


Syxsense Realtime Security displays current data from your devices. The information is fresh; not from hours or minutes ago, but from right now.

Looking at the free disk space information, there will be no question as to which devices have enough space to handle this new Windows function.
Come trial Syxsense Realtime Security and all of its features before Windows rolls out their next update.
