RCE – Page 14 – WindowsTechs.com

What do you mean, ‘Windows bug in Linux’? [Chet Chat Podcast 261]

Posted on May 29, 2017 by Paul Ducklin

The Chet Chat is back! Join us for the latest episode of our popular security podcast. Continue reading What do you mean, ‘Windows bug in Linux’? [Chet Chat Podcast 261]→

Samba exploit – not quite WannaCry for Linux, but patch anyway!

Posted on May 26, 2017 by Paul Ducklin

SMB is the Windows networking protocol, so SMB security holes like the one that led to WannaCry can’t happen on Linux/Unix, right? Wrong! Continue reading Samba exploit – not quite WannaCry for Linux, but patch anyway!→

Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution

Posted on May 23, 2017 by Tom Spring

Attackers can remotely execute code on targeted systems via specially crafted subtitle files for videos. Continue reading Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution→

Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug

Posted on April 21, 2017 by Chris Brook

Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.

Continue reading Skype Fixes ‘SPYKE’ Credential Phishing Remote Execution Bug→

VMware Fixes Critical RCE in vCenter Server

Posted on April 17, 2017 by Chris Brook

VMware patched a critical vulnerability in its vCenter Server platform late last week that could have let an attacker execute arbitrary code in some scenarios. Continue reading VMware Fixes Critical RCE in vCenter Server→

‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable

Posted on April 13, 2017 by Tom Spring

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk. Continue reading ‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable→

Malware, Sir? Jenkins ‘software butler’ tool gets many security fixes

Posted on April 12, 2017 by Paul Ducklin

You patched the operarting system, you patched your apps, but did you patch your plugins? Continue reading Malware, Sir? Jenkins ‘software butler’ tool gets many security fixes→

Microsoft Patches Three Vulnerabilities Under Attack

Posted on April 11, 2017 by Tom Spring

Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan. Continue reading Microsoft Patches Three Vulnerabilities Under Attack→

GitHub Code Execution Bug Fetches $18,000 Bounty

Posted on March 17, 2017 by Chris Brook

GitHub awarded $18,000 to a researcher after he came across a remote code execution bug in the company’s enterprise management console. Continue reading GitHub Code Execution Bug Fetches $18,000 Bounty→

VU#834067: Apache Struts 2 is vulnerable to remote code execution

Posted on March 14, 2017 by CERT

Apache Struts,versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10,is vulnerable to code injection leading to remote code execution(RCE). Continue reading VU#834067: Apache Struts 2 is vulnerable to remote code execution→