CERT-MU Weekly Security Bulletin CERT-MU CERT-MU Weekly Security Bulletin provides a summary of information security news, vulnerabilities, advisories and virus alerts for the week of October 12, 2015. This information is uploaded on CERT-MU website on a daily basis. For more details, refer to CERT-MU website: http://cert-mu.org.mu. THREAT ALERTS Threat Alerts of the Week Multiple Vulnerabilities in Microsoft Products Multiple vulnerabilities have been identified in Microsoft Products, which could allow remote attackers to cause execution of arbitrary code, bypass security restrictions and gain knowledge of sensitive information on affected systems. Read More INFORMATION SECURITY NEWS Hottest News Apple removes some apps from online store over security concerns A few applications have been removed from Apple’s App store over security concerns. The company stated that the security of some users’ personal data could be compromised in certain circumstances as the apps threatened users’ security by installing certificates that can expose data to monitoring by third parties. The company did not specify the precise number of apps at issue. Apple is working closely with these developers to quickly get their apps back on the App Store, while ensuring customer privacy and security is not at risk. Apps with so-called root certificates route user data to servers where it can be analyzed. Read More Page 1 VULNERABILITIES The table below shows the vulnerabilities related to various Operating Systems, Application software and Network devices discovered during the week of October 12, 2015. The vulnerabilities are organized according to their severity – High, Medium and Low. More details about the vulnerabilities and their countermeasures are available on the CERT-MU website. VULNERABILITIES – HIGH Vendor / Product Google Adobe Vulnerability Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code, Bypass Security Restrictions, and Obtain Potentially Sensitive Information Adobe Acrobat/Reader Multiple Flaws Let Remote Users Obtain Potentially Sensitive Information, Execute Arbitrary Code, and Bypass Security Restrictions Published Date CERT-MU References October 16, 2015 VN-2015-181 October 15, 2015 VN-2015-180 VULNERABILITIES – MEDIUM Vendor / Product Cisco Kaspersky Vulnerability Cisco AnyConnect Secure Mobility Client Arbitrary File Move Vulnerability Kaspersky Internet Security Password Related Bugs Let Local Users Obtain the Application's Administration Password and Bypass Authentication to Modify the Configuration Page 2 Published Date CERT-MU References October 13, 2015 VN-2015-179 October 12, 2015 VN-2015-178 VIRUS ALERTS The latest viruses and risks for this week are listed below. Users are required to follow the links on CERT-MU website for the removal instructions as proposed by the specific vendors. Virus Alerts Name Infostealer.Shifu Type Trojan Damage Level High Systems Affected Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows Vista Windows XP Windows 2000 Boot.HDRoot Trojan Low Backdoor.Gonymdos Trojan Low Packed.Generic.494 Trojan Low W32.Expiro Trojan Low Page 3 Release Date October 12, 2015 October 13, 2015 October 14, 2015 October 14, 2015 October 14, 2015 Backdoor.Owashell Trojan Low Trojan.Broluxa Trojan Low Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP October 14, 2015 October 15, 2015 Please note that the members who do not want to receive the weekly security bulletin, they can unsubscribe from CERT-MU mailing list by sending an e-mail to the following address: unsubscribe@cert.ncb.mu Page 4 For more information please contact CERT-MU team on: Hotline No: (+230) 800 2378 Fax No: (+230) 208 0119 Gen. Info. : contact@cert.ncb.mu Incident: incident@cert.ncb.mu Website: http://cert-mu.org.mu Page 5