he Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. BtCIRT recommended users and administrators to review Samba security announcement CVE-2022-42898 and apply the necessary updates....
Microsoft Releases November 2022 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommended users and administrators to review Microsoft’s November 2022 Security Update Guide and Deployment Information and apply the necessary updates....
VMware Releases Security Updates
VMware has released security updates to address multiple vulnerabilities in VMware Workspace ONE Assist. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommended users and administrators to review VMware Security Advisory VMSA-2022-0028 and apply the necessary updates and workarounds....
Citrix Releases Security Updates for ADC and Gateway
Citrix has released security updates to address vulnerabilities in Citrix ADC and Citrix Gateway. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Therefore, BtCIRT recommended users and administrators to review Citrix Security Updates CTX463706 and apply the necessary updates....
OpenSSL Releases Security Update
OpenSSL has released a security advisory to address two vulnerabilities, CVE-2022-3602 and CVE-2022-3786, affecting OpenSSL versions 3.0.0 through 3.0.6. Both CVE-2022-3602 and CVE-2022-3786 can cause a denial of service. According to OpenSSL, a cyber threat actor leveraging CVE-2022-3786, “can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution,” allowing them to take control of an affected system. BtCIRT recommended users and administrators to review the OpenSSL advisory, blog, OpenSSL 3.0.7 announcement, and upgrade to OpenSSL 3.0.7. For additional information on...