CERT-In on Wednesday issued alerts for multiple vulnerabilities in Microsoft products including Microsoft Exchange, Microsoft Windows Support Diagnostic Tool, and Red Hat Linux Kernel. The vulnerabilities are said to be used by remote attackers to access sensitive information and execute arbitrary code on Microsoft products while in Red Hat Linux Kernel they can be exploited to gain elevated privileges and access sensitive information
CERT-In on Wednesday issued alerts for multiple vulnerabilities in Microsoft products including Microsoft Exchange, Microsoft Windows Support Diagnostic Tool, and Red Hat Linux Kernel. The vulnerabilities are said to be used by remote attackers to access sensitive information and execute arbitrary code on Microsoft products while in Red Hat Linux Kernel they can be exploited to gain elevated privileges and access sensitive information
In Microsoft Products
Microsoft products include Windows, Microsoft Office, Microsoft Exchange server, Azure, System Centre Operations Manager, and Visual Studio, which can be exploited by an attacker to access sensitive information, bypass security restriction, perform denial of services and spoofing attacks or execute arbitrary codes on the targeted systems.
(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
On Microsoft Windows and Office, the vulnerabilities can be used by remote attackers to gain elevated privileges, disclose information by bypassing security restrictions and cause denial of services.
In Microsoft Exchange Server and Azure, the vulnerabilities can be used by attackers to disclose information by gaining elevated privileges on the targeted system. The high severity vulnerability in Microsoft Exchange can be used by an attacker to read email messages on targeted systems.
The vulnerability in Exchange exists due to improper access restrictions and attackers are known to exploit this by enticing victims to open specially-crafted content.
And while the vulnerabilities in System Centre Operations Manager can allow attackers to gain elevated privileges, in Visual Studio attackers can remotely execute codes to perform spoofing attacks.
Vulnerabilities of high severity have also been reported in Microsoft Windows Support Diagnostic Tool (MSDT) which could allow a remote attacker to execute arbitrary code on the targeted system.
According to CERT-In, this vulnerability exists due to a path transversal weakness and has been used by remote attackers by sending specially-crafted requests on targeted systems.
Applying appropriate software updates has been recommmended to fix the vulnerabilities.
In Red Hat Linux Kernel
The vulnerabilities with medium severity in Red Hat Linux Kernel exist due to information leak in scsiioctIO); use-after-free in to new tfilter) in net/sched/cls_api.c; Incomplete cleanup of multi-core shared buffers (aka SBDR), microarchitectural fill buffers (aka BDS) and specific special register write operations (aka DRP.
These vulnerabilities have been reported to be exploited by sending specially crafted requests to gain elevated privileges in targeted systems.
Successful exploitation of these vulnerabilities can allow attackers to obtain sensitive information or gain elevated privileges.
Applying appropriate software patches has been suggested to fix these vulnerabilities.
CERT-In identifies multiple vulnerabilities in Microsoft products and Red Hat Linux Kernel & Latest News Update
CERT-In identifies multiple vulnerabilities in Microsoft products and Red Hat Linux Kernel & More Live News
All this news that I have made and shared for you people, you will like it very much and in it we keep bringing topics for you people like every time so that you keep getting news information like trending topics and you It is our goal to be able to get
all kinds of news without going through us so that we can reach you the latest and best news for free so that you can move ahead further by getting the information of that news together with you. Later on, we will continue
to give information about more today world news update types of latest news through posts on our website so that you always keep moving forward in that news and whatever kind of information will be there, it will definitely be conveyed to you people.
CERT-In identifies multiple vulnerabilities in Microsoft products and Red Hat Linux Kernel & More News Today
All this news that I have brought up to you or will be the most different and best news that you people are not going to get anywhere, along with the information Trending News, Breaking News, Health News, Science News, Sports News, Entertainment News, Technology News, Business News, World News of this made available to all of you so that you are always connected with the news, stay ahead in the matter and keep getting today news all types of news for free till today so that you can get the news by getting it. Always take two steps forward
Credit Goes To News Website – This Original Content Owner News Website . This Is Not My Content So If You Want To Read Original Content You Can Follow Below Links