CERT-MU Security Bulletin for the week of 12, October 2015

advertisement
CERT-MU Weekly Security Bulletin
CERT-MU
CERT-MU Weekly Security Bulletin provides a summary of information security
news, vulnerabilities, advisories and virus alerts for the week of October 12, 2015.
This information is uploaded on CERT-MU website on a daily basis.
For more details, refer to CERT-MU website: http://cert-mu.org.mu.
THREAT ALERTS
Threat Alerts of the Week
Multiple Vulnerabilities in Microsoft Products
Multiple vulnerabilities have been identified in Microsoft Products, which could allow
remote attackers to cause execution of arbitrary code, bypass security restrictions and
gain knowledge of sensitive information on affected systems.
Read More
INFORMATION SECURITY NEWS
Hottest News
Apple removes some apps from online store over security concerns
A few applications have been removed from Apple’s App store over security concerns.
The company stated that the security of some users’ personal data could be
compromised in certain circumstances as the apps threatened users’ security by
installing certificates that can expose data to monitoring by third parties. The company
did not specify the precise number of apps at issue. Apple is working closely with these
developers to quickly get their apps back on the App Store, while ensuring customer
privacy and security is not at risk. Apps with so-called root certificates route user data to
servers where it can be analyzed.
Read More
Page 1
VULNERABILITIES
The table below shows the vulnerabilities related to various Operating Systems,
Application software and Network devices discovered during the week of October 12,
2015. The vulnerabilities are organized according to their severity – High, Medium and
Low. More details about the vulnerabilities and their countermeasures are available on
the CERT-MU website.
VULNERABILITIES – HIGH
Vendor /
Product
Google
Adobe
Vulnerability
Google Chrome Multiple
Bugs Let Remote Users
Execute Arbitrary Code,
Bypass Security Restrictions,
and Obtain Potentially
Sensitive Information
Adobe Acrobat/Reader
Multiple Flaws Let Remote
Users Obtain Potentially
Sensitive Information,
Execute Arbitrary Code, and
Bypass Security Restrictions
Published Date
CERT-MU References
October 16, 2015
VN-2015-181
October 15, 2015
VN-2015-180
VULNERABILITIES – MEDIUM
Vendor /
Product
Cisco
Kaspersky
Vulnerability
Cisco AnyConnect Secure
Mobility Client Arbitrary File
Move Vulnerability
Kaspersky Internet Security
Password Related Bugs Let
Local Users Obtain the
Application's Administration
Password and Bypass
Authentication to Modify the
Configuration
Page 2
Published Date
CERT-MU References
October 13, 2015
VN-2015-179
October 12, 2015
VN-2015-178
VIRUS ALERTS
The latest viruses and risks for this week are listed below. Users are required to follow
the links on CERT-MU website for the removal instructions as proposed by the specific
vendors.
Virus Alerts
Name
Infostealer.Shifu
Type
Trojan
Damage
Level
High
Systems Affected






Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server
2003
Windows Server
2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server
2003
Windows Server
2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows Vista
Windows XP

Windows 2000









Boot.HDRoot
Trojan
Low
Backdoor.Gonymdos
Trojan
Low












Packed.Generic.494
Trojan
Low
W32.Expiro
Trojan
Low
Page 3
Release Date
October 12, 2015
October 13, 2015
October 14, 2015
October 14, 2015
October 14, 2015







Backdoor.Owashell
Trojan
Low










Trojan.Broluxa
Trojan
Low












Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server
2003
Windows Server
2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server
2003
Windows Server
2008
Windows Vista
Windows XP
Windows 2000
Windows 7
Windows 95
Windows 98
Windows Me
Windows NT
Windows Server
2003
Windows Server
2008
Windows Vista
Windows XP
October 14, 2015
October 15, 2015
Please note that the members who do not want to receive the weekly security bulletin,
they can unsubscribe from CERT-MU mailing list by sending an e-mail to the following
address: unsubscribe@cert.ncb.mu
Page 4
For more information please contact CERT-MU team on:
Hotline No: (+230) 800 2378
Fax No: (+230) 208 0119
Gen. Info. : contact@cert.ncb.mu
Incident: incident@cert.ncb.mu
Website: http://cert-mu.org.mu
Page 5
Download