The Android security bulletin for March, published last March 6, contains 15 vulnerabilities that we discovered and privately disclosed to Google. Like some of our previous discoveries, many of these new vulnerabilities concern Mediaserver, which is the component responsible for scanning and indexing all available media files in the Android operating system.Read More
Patch Tuesday for March is a hefty one, with essentially two months’ worth of updates after Microsoft quietly delayed its February patch release. Notable among the critical updates bulletins is MS17-012, which resolves several vulnerabilities, including CVE-2017-0016, a zero-day vulnerability involving Windows Server Message Block (SMB).Read More
by Jeanne Jocson and Jennifer Gumban Linux has long been the preferred operating system for enterprise platforms and Internet of Things (IoT) manufacturers. Linux-based devices are continually being deployed in smart systems across many different industries, with IoT gateways facilitating connected solutions and services central to different businesses. In connection to their widespread use, we’ve…Read More
Apache Struts is a free and open-source framework used to build Java web applications. We looked into past several Remote Code Execution (RCE) vulnerabilities reported in Apache Struts, and observed that in most of them, attackers have used Object Graph Navigation Language (OGNL) expressions. The use of OGNL makes it easy to execute arbitrary code remotely because Apache Struts uses it for most of its processes.
Using OGNL, a researcher found a new remote code execution vulnerability in Apache Struts 2, designated as CVE-2017-5638. An exploit has been reported to be already in the wild; our own research and monitoring have also seen attacks using the vulnerability.Read More
Due to three recently disclosed Microsoft vulnerabilities, the use of Intrusion prevention system (IPS) protection to shield against vulnerabilities (often referred to as Virtual Patching) is back in the spotlight. These allow systems to be protected even if patches have not yet been released by vendors.Read More