End-of-Day report
Timeframe: Friday 14-08-2020 18:00 - Monday 17-08-2020 18:00
Handler: Dimitri Robl
Co-Handler: Robert Waldner
News
Microsoft fixes actively exploited Windows bug reported 2 years ago
Microsoft fixed a Windows security vulnerability two years after it was reported. This article provides greater detail about the bug and how it works. (CVE-2020-1464)
https://www.bleepingcomputer.com/news/security/microsoft-fixes-actively-exploited-windows-bug-reported-2-years-ago/
Potential Apache Struts 2 RCE flaw fixed, PoCs released
Have you already updated your Apache Struts 2 to version 2.5.22, released in November 2019? You might want to, and quickly, as information about a potential RCE vulnerability (CVE-2019-0230) and PoC exploits for it have been published.
https://www.helpnetsecurity.com/2020/08/17/cve-2019-0230/
RevoLTE: Phone calls could be eavesdropped on despite encryption
Security researchers point out a fundamental deficiency - mobile network operators have reportedly already made fixes
https://www.derstandard.at/story/2000119401327/revolte-telefonanrufe-liessen-sich-trotz-verschluesselung-abhoeren
Goodbye EmoCrash - vulnerability in Emotet fixed
A vulnerability in Emotet's code (called "EmoCrash") has been distributed in the security community for quite some time as a preventive measure against Emotet infections. The vulnerability in Emotet's installation routine, previously unknown to the wider public, could provide effective protection against an infection by exploiting a buffer overflow in the code of this routine to make Emotet crash.
https://cert.at/de/aktuelles/2020/8/godbye-emocrash-schwachstelle-in-emotet-gefixed
Vulnerabilities
Security updates for Friday
Security updates have been issued by Debian (squid3), Fedora (lilypond and python3), openSUSE (xen), SUSE (libreoffice, libvirt, webkit2gtk3, xen, and xerces-c), and Ubuntu (apache2).
https://lwn.net/Articles/828811/
Security updates for Monday
Security updates have been issued by Debian (dovecot, htmlunit, jruby, libetpan, lucene-solr, net-snmp, and postgresql-9.6), Fedora (firefox, nss, qt, and thunderbird), Mageia (glib-networking, mumble, webkit2, and znc), openSUSE (balsa, chromium, firejail, hylafax+, libreoffice, libX11, perl-XML-Twig, thunderbird, wireshark, and xrdp), Red Hat (libvncserver), SUSE (libvirt and perl-PlRPC), and Ubuntu (dovecot and salt).
https://lwn.net/Articles/828945/
Security Bulletin: Financial Transaction Manager for ACH Services is affected by a potential information disclosure id 177835
https://www.ibm.com/blogs/psirt/security-bulletin-financial-transaction-manager-for-ach-services-is-affected-by-a-potential-information-disclosure-id-177835/
Security Bulletin: LDAP vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
https://www.ibm.com/blogs/psirt/security-bulletin-ldap-vulnerability-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products/