vulnerability
New security flaw in Windows 10
Google Project Zero discovered a new security issue that was tested on Windows 10 Version 1709.
Cisco released a second fix for a critical vulnerability in its ASA
Cisco engineers found other attack vectors and features that are affected by CVE-2018-0101 vulnerability that were not originally identified by the NCC Group and subsequently updated the security advisory.
ISC has released security updates for BIND
Vulnerability CVE-2017-3145 affects all versions of BIND since 9.9.0, released in 2000, and can lead to denial-of-service and crash.
No more Windows security updates for devices with incompatible antiviruses
Microsoft has added important note on the support page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.
Performance impact of Spectre and Meltdown patching on Windows Systems
Windows 7 and Windows 8 users running older processors will be most affected by performance issues.
VMware released patches for three critical vulnerabilities
Vulnerabilities affected vSphere Data Protection (VDP) and allowed authentication bypass, arbitrary file upload and path traversal.
Intel identified several security vulnerabilities in Management Engine, Server Platform Services and Trusted Execution Engine
In response to issues identified by external researchers, Intel performed a security review of Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE) and identified several security vulnerabilities.
New attack scheme on Office 365 corporate users
New attack dubbed «KnockKnock» because attackers «knock» on backdoor system accounts to infiltrate entire O365 environments.
Researchers found a new method to bypass protection against Rowhammer attack
Experts have discovered a new way to bypass the protection against Rowhammer attacks, aimed at DRAM-memory.
Positive Technologies’ researchers detected a way that partially disables the functionality of Intel ME
During the study of internal architecture of Intel Management Engine (ME) 11, Positive Technologies experts discovered an undocumented mode that allows to partially disable the functionality of the technology.