The Information Security Office wants to make you aware that a number of vulnerabilities affecting Microsoft Office and Adobe Acrobat were disclosed this week. Furthermore, we have been made aware that savvy criminals are launching phishing campaigns to deliver malware (such as viruses, Trojans, worms, etc.) by sending specially crafted documents (like pdf, PowerPoint) attached [...]
Archive for category Advisories
The Microsoft Security Advisory (found here) describes a new, un-patched vulnerability in all currently supported versions of Windows except Server 2003. Successful exploitation of this vulnerability would allow an attacker to gain the same rights on the machine as the current user.
Exploitation of this vulnerability requires the user to open a specially crafted Microsoft Office [...]
Also known as “Poodle”, this vulnerability could allow an attacker to steal web site login information or payment data.
“A vulnerability exists within the SSL version 3.0 protocol… allowing an attacker to hijack and decrypt session cookies that are utilized between a user’s web browser and the web site. This could lead to attackers obtaining enough [...]
Several important vulnerabilities in Microsoft products, including Windows, Office, .NET, Internet Explorer, were released today along with patch information. They are:
Vulnerabilities in .NET Framework Could Allow Remote Code Execution (MS14-057)
Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (MS14-058)
Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-061)
Cumulative Security Update for [...]
There is a new exploit that has hit the internet called BadUSB that poses a Security threat based on USB devices. Instructions and applications to create infected USB devices are available on the internet. The exploit allows installation into the USB’s firmware where it is run automatically when plugged into a computer system. The firmware [...]