Significant vulnerabilities were demonstrated as this year conference bringing in over $1.6million dollars in bug bounties! Within 90 Days we should see several patches released for the following: Kernel execution was achieved on all of the following Windows Exchange Server ...
Microsoft — CVE-2020-1350 This update resolves a flaw in all versions of Windows DNS Servers that would allow an attacker to gain Local System or Domain Admin privileges. This is also a wormable vulnerability, so make sure you patch all ...
Microsoft — CVE-2020-0688 tl;dr – Send or receive email and get RCE on Exchange Servers… yikes. All Exchange Servers installations in the world share a crypto-key. This update resolves a flaw in Exchange Server versions 2010 to 2019 where just ...
Microsoft — CVE-2020-0601 This update resolves a flaw in all versions of Windows that are versions Windows 10 and Server 2016 and higher which allows the ability for executable signed code to spoof legitimate certificates. ...
Updates Citrix has published the update firmware for all the NetScaler Appliances Citrix — CVE-2019-19781 Citrix has posted a Security Advisory in which their NetScaler and ADC controllers are vulnerable RCE flaw by an unauthenticated user to gain root-level access. ...
Short: With the release of the May 2018 updates Microsoft is changing the default behavior of a setting from Vulnerable to Mitigated. This may affect applications that rely on CredSSP such as but not limited to RDP and WinRM. What ...