Alertes
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mardi 24 mars 2020

Remote-Code-Execution Vulnerabilities in All Versions of Windows (CERT-EU Security Advisory 2020-017)

On the 23th of March 2020, Microsoft released a security advisory for two remote-code-execution vulnerabilities affecting all versions of Windows. The two vulnerabilities are linked to the Adobe Type Manager Library. An attacker could exploit these vulnerabilities by convincing a user to open or preview a specially crafted document. Microsoft is aware of ongoing attacks which could exploit these 0-days vulnerabilities. A patch is not available yet but Microsoft provides advice on workarounds to limit the exploitability of the vulnerabilities.

Lien vers l'article source

Rockwell Automation FactoryTalk Services Platform .NET Remoting Endpoint RNADiagnosticsSrv.exe privilege escalation ProSoft Configurator up to 1.002 DLL Project File privilege escalation
Auteur: Cert EU

Catégories: CertEUNombre de vues: 249

x

Événements SSI