Severity Rating: Critical
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user views specially crafted PDF content online or opens a specially crafted PDF document. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Monthly Archives: August 2016
MS16-096 – Critical: Cumulative Security Update for Microsoft Edge (3177358) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
MS16-099 – Critical: Security Update for Microsoft Office (3177451) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (August 9, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
A Month Without Adobe Flash Player Patches
Adobe rolled out patches for four vulnerabilities in Adobe Experience Manager, the first time since January its monthly patch release cycle has not included a Flash Player security update.
How Your Computer Monitor Could Be Hacked To Spy On You
Just stop believing everything you see on your screen, as it turns out that even your computer monitor can be hacked.
You have seen hackers targeting your computer, smartphone, and tablet, but now, it has been proved that they can even compromise your monitor and turn them against by just changing the pixels displayed on the screen.
Although changing pixels is really hard and complicated, a
Payment card (in)security and you
A Russian cyber-crime group seems to have hacked their way into the computer systems at Oracle.
The post Payment card (in)security and you appeared first on Avira Blog.
Misuse of Language: ‘Cyber’; When War is Not a War, and a Weapon is Not a Weapon
In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter discuss the imprecision in language surrounding “cyber war” and “cyber weapons,” and explain how this may contribute to bad law and policy.
Nemucod is back and serving an ad-clicking backdoor instead of ransomware
The trojan downloader Nemucod is back with a new campaign. However, it has changed the payload served to its victims – ransomware is not its go-to malware.
The post Nemucod is back and serving an ad-clicking backdoor instead of ransomware appeared first on We Live Security.
Car hacking: Defcon style
This year at Defcon, the car hacking village is bigger than ever, says Cameron Camp. Key observation? The tools are getting better.
The post Car hacking: Defcon style appeared first on We Live Security.
NIST: It’s time move on from SMS 2FA
According to the National Institute of Standards and Technology (NIST) at the US Department of Commerce, it is time to move on from SMS 2FA.
The post NIST: It’s time move on from SMS 2FA appeared first on We Live Security.
