A Vulnerability in OpenSSH
Could Allow for Remote Code Execution
A vulnerability has been discovered in OpenSSH, which could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments for remote server management, secure file transfers, and various DevOps practices. Successful exploitation of this vulnerability could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Systems:
- OpenSSH versions 8.7 and 8.8 and corresponding portable versions
Risk
- Large and medium business entities: High
- Small business entities: Medium
Remediation Recommendations
- Ensure all hosts using OpenSSH have the latest version(s) installed.
- Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
References
Multiple Vulnerabilities in Google Chrome
Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
Risk
- Large and medium business entities: High
- Small business entities: High
Remediation Recommendations
- Ensure all devices using Google Chrome have the latest version(s) installed
- Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
References
Critical Patches Issued for Microsoft Products
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.
Affected Systems:
- SQL Server
- Windows CoreMessaging
- Windows Secure Boot
- Windows MultiPoint Services
- Windows Remote Access Connection Manager
- Windows Cryptographic Services
- Microsoft Office SharePoint
- Windows Performance Monitor
- Windows Image Acquisition
- Line Printer Daemon Service (LPD)
- Windows Online Certificate Status Protocol (OCSP)
- XBox Crypto Graphic Services
- Windows Distributed Transaction Coordinator
- Windows Workstation Service
- Microsoft Graphics Component
- Microsoft Streaming Service
- Windows Internet Connection Sharing (ICS)
- Microsoft Windows Codecs Library
- Role: Active Directory Certificate Services; Active Directory Domain Services
- Windows Kernel-Mode Drivers
- Windows LockDown Policy (WLDP)
- Windows Remote Desktop Licensing Service
- Active Directory Federation Services
- Windows Win32 Kernel Subsystem
- Microsoft Defender for IoT
- Windows Fax and Scan Service
Risk
- Large and medium business entities: High
- Small business entities: Medium
Remediation Recommendations
- Ensure all Microsoft products have the latest version(s) installed.
- Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
References
Multiple Vulnerabilities in Mozilla Products
Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.
Affected Systems:
Risk
- Large and medium business entities: High
- Small business entities: Medium
Remediation Recommendations
- Ensure all versions of all Mozilla products are updated to their latest versions
- Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
References
Multiple Vulnerabilities in Adobe Products
Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Affected Systems:
- Adobe Premiere Pro 24.4.1 and earlier versions for Windows and macOS.
- Adobe Premiere Pro 23.6.5 and earlier versions for Windows and macOS.
- Adobe InDesign ID19.3 and earlier version for Windows and macOS.
- Adobe InDesign ID18.5.2 and earlier version for Windows and macOS.
- Adobe Bridge 13.0.7 and earlier versions for Windows and macOS.
- Adobe Bridge 14.1 and earlier versions for Windows and macOS.
Risk
- Large and medium business entities: High
- Small business entities: Medium
Remediation Recommendations
- Ensure all devices utilizing the above software have the latest version installed
- Enact the Principle of Least Privilege (limit higher-level privileges to only the users that need it)
References
