GET cyber alerts list

{"pageSize":10,"total":440,"items":[{"severity":"High","basePath":"http://digital.nhs.uk/cyber-alerts/citrix-adc-and-gateway-remote-code-execution-vulnerability/citrix-adc-and-gateway-remote-code-execution-vulnerability","category":["Exploit"],"seosummaryJson":"Citrix has released information about a vulnerability in its Application Delivery Controller (ADC) and Gateway products that allows an unauthenticated threat actor to achieve Remote Code Execution (RCE). Citrix has advised affected customers to immediately apply its provided mitigation.","fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","headingLevel":"Main heading","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":"<p>Citrix has released information about a vulnerability in its Application Delivery Controller (ADC), Gateway, and software-defined wide area network (SD-WAN)&nbsp;products that allows an unauthenticated threat actor to achieve remote code execution (RCE). Citrix has advised affected customers to immediately apply its provided mitigation.</p>\n\n<p>The vulnerability is reported to occur from unsanitised handling of HTTP-based Virtual Private Network (VPN) requests. Multiple proof of concept exploits have now been released that target this vulnerability and security researchers have reported an increase in scanning activity attempting to identify vulnerable devices.</p>\n\n<p>Citrix ADC and Gateway were formerly branded as NetScaler products.</p>\n\n<p>For further information:</p>\n\n<ul>\n <li><a href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781\">CVE-2019-19781</a></li>\n <li><a href=\"https://support.citrix.com/article/CTX267027\">Citrix support article CTX267027</a></li>\n <li><a rel=\"nofollow\" href=\"https://www.kb.cert.org/vuls/id/619785/\" class=\"external-link\">CERT/CC Vulnerability Note VU#619785</a></li>\n <li><a href=\"https://www.us-cert.gov/ncas/alerts/aa20-020a\">CISA Alert AA20-020A</a></li>\n</ul>\n\n<p>&nbsp;</p>"}],"shortsummary":"Citrix has released details of a remote code execution (RCE) vulnerability and recommended steps for mitigation. Threat actors now appear to be targeting vulnerable devices.","threatType":"Vulnerability","threatvector":[],"threatAffects":[{"versionsAffected":["13.0, 12.1, 12.0. 11.1, and 10.5 (all supported builds)"],"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"<p>Citrix/NetScaler ADC</p>"},{"versionsAffected":["13.0, 12.1, 12.0. 11.1, and 10.5 (all supported builds)"],"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"<p>Citrix/NetScaler Gateway</p>"},{"versionsAffected":["Software and appliance models 5100, 4100, and 4000 (all supported builds)"],"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"<p>Citrix SD-WAN WANOP</p>"}],"threatUpdates":[],"remediationSteps":[{"type":"Action","link":"https://support.citrix.com/article/CTX267679","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Apply the mitigation provided by Citrix as soon as possible.</p>"},{"type":"Patch","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Citrix has released updates to address this vulnerability in their ADC and Gateway versions 11.1 and 12.0. Affected organisations are encouraged to review the following Citrix advisories and apply the necessary remediation immediately:</p>\n\n<ul>\n <li><a href=\"https://www.citrix.com/downloads/citrix-adc/\">Citrix ADC (NetScaler ADC) download page</a></li>\n <li><a href=\"https://www.citrix.com/downloads/citrix-gateway/\">Citrix Gateway (NetScaler Unified Gateway) download page</a></li>\n</ul>\n\n<p>Citrix has also confirmed that updates for the remaining affected ADC and Gateway versions will be published before the end of January 2020.</p>"},{"type":"Aware","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Both Citrix and the US Cybersecurity and Infrastructure Security Agency have released tools to identify vulnerable devices and verify if mitigation steps have been applied correctly. Please not that NHS Digital do not test or verify third-party tools and that organisations use them at their own risk:</p>\n\n<ul>\n <li><a href=\"https://support.citrix.com/article/CTX269180\">Citrix support article CTX269180</a></li>\n <li><a href=\"https://github.com/cisagov/check-cve-2019-19781\">check-cve-2019-19781</a></li>\n</ul>\n\n<p>&nbsp;</p>"}],"indicatorsCompromise":[{"sectionType":"expander","heading":"Network Activity","audience":"Most people","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"content":"<ul>\n <li><span>HTTP POST request to /vpns/portal/scripts/newbm.pl</span></li>\n</ul>"}],"ncscLink":"https://www.ncsc.gov.uk/news/citrix-alert","cveIdentifiers":[{"cveIdentifier":"CVE-2019-19781","cveStatus":"Master","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"cveText":"<p>An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.</p>"}],"publishedDate":1578960000000,"sourceOfThreatUpdates":["https://support.citrix.com/article/CTX267027"],"cyberAcknowledgements":[],"threatId":"CC-3327","title":"Citrix RCE Vulnerability in Multiple Products","versionedNode":false,"remediationIntro":"<p>Citrix has advised affected customers to immediately apply its provided mitigation and then update appliance firmware when fixed versions have been released.</p>","summary":"<p>Citrix has released information about a security flaw in its Application Delivery Controller (ADC) and Gateway products. Example programs have been published online that show attackers can take full control of these systems. NHS organisations may use these products to provide access to clinical applications and data. Citrix has advised affected customers to immediately follow its recommended steps to address the security flaw. Citrix expects to release updates for these products before the end of January.</p>"},{"severity":"Low","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3267/cc-3267","category":["ransomware"],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":"<p>At the time of publication, it is unclear how MedusaLocker is delivered, although there are unconfirmed reports indicating it may be delivered via <a href=\"https://digital.nhs.uk/services/data-security-centre/cyber-security-glossary#watering-hole-attack\">watering hole attacks</a>.</p><p>Once installed, MedusaLocker will create registry keys to maintain persistence and provide access to mapped storage, before then removing or disabling any recovery services. It will then attempt to <a href=\"https://digital.nhs.uk/services/data-security-centre/cyber-security-glossary#encryption\">encrypt</a> all reachable non-system files using a hybrid AES-RSA scheme.</p>"}],"shortsummary":"First observed in early September 2019, MedusaLocker is a ransomware tool targeting users globally.","threatType":"Malware","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"<ul><li>Microsoft Windows - All versions</li></ul>"}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>If a device on your network becomes infected with ransomware it will begin encrypting local machine files and files on any network the logged-in user has permission to access. For system administration accounts this may include backup storage locations.</p><p><strong>To avoid becoming infected with ransomware, ensure that:</strong></p><ul><li>A robust program of education and awareness training is delivered to users to ensure they don’t open attachments or follow links within unsolicited emails.</li><li>All operating systems, <a href=\"/services/data-security-centre/cyber-security-glossary#anti-virus-software\">anti-virus</a> and other security products are kept up to date.</li><li>All day to day computer activities such as email and internet are performed using non-administrative accounts and that permissions are always assigned based on the principle of least privilege.</li><li>Your organisation adopts a holistic all-round approach to Cyber Security as advocated by the <a href=\"https://www.ncsc.gov.uk/guidance/10-steps-cyber-security\">10 Steps to Cyber Security</a>.</li></ul><p><strong>Identifying the source of infection:</strong><br> Identifying the affected device and disconnecting or quarantining it from the network is essential to damage limitation.</p><ul><li>Users should immediately report infections to their IT support provider, disconnect their network cable and power the computer down.</li><li>File auditing should be enabled, and file server <a href=\"/services/data-security-centre/cyber-security-glossary#log-files\">logs</a> should be monitored to detect signs of unauthorised encryption and allow the source of encryption to be identified (i.e. the infected device).</li></ul><p><strong>To limit the damage of ransomware and enable recovery:</strong><br> All critical data must be <a href=\"/services/data-security-centre/cyber-security-glossary#backup\">backed up</a>, and these backups must be sufficiently protected/kept out of reach of ransomware.</p><ul><li>Multiple backups should be created including at least one off-network backup (e.g. to tape).<br> The only guaranteed way to recover from a ransomware infection is to restore all affected files from their most recent backup.</li></ul>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1571871600000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3267","title":"MedusaLocker Ransomware","versionedNode":false,"remediationIntro":"","summary":"<p>First observed in early September 2019, MedusaLocker is a <a href=\"/services/data-security-centre/cyber-security-glossary#Ransomware\">ransomware</a> tool targeting users globally.</p>"},{"severity":"Low","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-2932/cc-2932","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":""}],"shortsummary":"Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review Cisco Security Advisory <a href=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos\">cisco-sa-20190212-nae-dos</a> and apply the necessary update.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1550016000000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-2932","title":"Cisco Releases Security Update","versionedNode":false,"remediationIntro":"","summary":"<p>Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.</p>"},{"severity":"Medium","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3180/cc-3180","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":""}],"shortsummary":"Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"<ul><li>Adobe Acrobat DC for macOS - Versions 2019.012.20034 (Cont.) / 2017.011.30142 (Classic 2017) / 2015.006.30497 (Classic 2015) and earlier</li><li>Adobe Acrobat DC for Windows - Versions  2019.012.20035 (Cont.) / 2017.011.30143 (Classic 2017) / 2015.006.30498 (Classic 2015) and earlier</li><li>Adobe Acrobat Reader DC for macOS - Versions 2019.012.20034 (Cont.) / 2017.011.30142 (Classic 2017) / 2015.006.30497 (Classic 2015) and earlier</li><li>Adobe Acrobat Reader DC for Windows - Versions 2019.012.20035 (Cont.) / 2017.011.30143 (Classic 2017) / 2015.006.30498 (Classic 2015) and earlier</li><li>Adobe After Effects CC - Versions 16 and earlier</li><li>Adobe Character Animator CC - Versions 2.1 and earlier</li><li>Adobe Creative Cloud Desktop Application - Versions 4.6.1 and earlier</li><li>Adobe Experience Manager - Versions 6.5 and 6.4</li><li>Adobe Photoshop CC - Versions 19.1.8 and earlier, or 20.0.5 and earlier</li><li>Adobe Prelude CC - Versions 8.1 and earlier</li><li>Adobe Premiere Pro CC - Versions 13.1.2 and earlier</li></ul>"},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators to review the following Adobe Security Bulletins and apply the necessary updates:</p><ul><li>After Effects CC <a href=\"https://helpx.adobe.com/security/products/after_effects/apsb19-31.html\">APSB19-31 </a></li><li>Character Animator CC <a href=\"https://helpx.adobe.com/security/products/character_animator/apsb19-32.html\">APSB19-32 </a></li><li>Premiere Pro CC <a href=\"https://helpx.adobe.com/security/products/premiere_pro/apsb19-33.html\">APSB19-33 </a></li><li>Prelude CC <a href=\"https://helpx.adobe.com/security/products/prelude/apsb19-35.html\">APSB19-35 </a></li><li>Creative Cloud Desktop Application <a href=\"https://helpx.adobe.com/security/products/creative-cloud/apsb19-39.html\">APSB19-39 </a></li><li>Acrobat and Reader <a href=\"https://helpx.adobe.com/security/products/acrobat/apsb19-41.html\">APSB19-41 </a></li><li>Experience Manager <a href=\"https://helpx.adobe.com/security/products/experience-manager/apsb19-42.html\">APSB19-42 </a></li><li>Photoshop CC <a href=\"https://helpx.adobe.com/security/products/photoshop/apsb19-44.html\">APSB19-44 </a></li></ul>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1565737200000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3180","title":"Adobe Releases Security Updates for Multiple Products","versionedNode":false,"remediationIntro":"","summary":"<p>Adobe has released security updates to address <a href=\"/services/data-security-centre/cyber-security-glossary#Vulnerability\">vulnerabilities</a> in multiple Adobe products. An attacker could exploit these <a href=\"/services/data-security-centre/cyber-security-glossary#Vulnerability\">vulnerabilities</a> to take control of an affected system.</p>"},{"severity":"Medium","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3060/cc-3060","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":"<p>&nbsp;</p><p><strong>Update</strong>&nbsp;<time datetime=\"2019-05-20\">20 May 2019</time>&nbsp;</p><p>Microsoft has now released additional updates to address an issue where Internet Explorer 11 and Microsoft Edge could have been prevented from accessing .gov.uk websites that do not support HTTP Strict Transport Security (HSTS). Users and administrators are encouraged to review the following Windows Knowledge Base articles and apply the relevant updates:</p><ul><li><a href=\"https://support.microsoft.com/en-us/help/4505050/cumulative-update-for-internet-explorer\">KB4505050</"}],"shortsummary":"Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":".NET Core</li><li>.NET Framework</li><li>Adobe Flash Player</li><li>ASP.NET Core</li><li>Azure</li><li>Azure DevOps Server</li><li>ChakraCore</li><li>Internet Explorer</li><li>Microsoft Edge</li><li>Microsoft Office and Microsoft Office Services &amp; Web Apps</li><li>Microsoft Windows</li><li>NuGet</li><li>Online Services</li><li>Skype for Android</li><li>SQL Server</li><li>Team Foundation Server</li><li>Visual Studio"}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review Microsoft’s <a href=\"https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/e5989c8b-7046-e911-a98e-000d3a33a34d\">May 2019 Security Update Summary</a> and <a href=\"https://support.microsoft.com/en-us/help/20190514/security-update-deployment-information-may-14-2019\">Deployment Information</a> and apply the necessary updates.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1557874800000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3060","title":"Microsoft Releases May 2019 Security Updates","versionedNode":false,"remediationIntro":"","summary":"<p>Microsoft has released updates to address multiple <a href=\"/services/data-security-centre/cyber-security-glossary#vulnerability\">vulnerabilities</a> in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.</p>"},{"severity":"Medium","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3184/cc-3184","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":"<p>A remote authenticated attacker could exploit this vulnerability to take control of an affected system and extract sensitive information.</p>"}],"shortsummary":"Avaya have released a security update to address a buffer overflow vulnerability in a number of their Voice-over-IP phones.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review the Avaya security advisory <a href=\"https://downloads.avaya.com/css/P8/documents/101059945\">ASA-2019-128</a> and apply the necessary updates.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1565823600000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3184","title":"Avaya Releases Security Update","versionedNode":false,"remediationIntro":"","summary":"<p>Avaya have released a security update to address a buffer overflow <a href=\"/services/data-security-centre/cyber-security-glossary#Vulnerability\">vulnerability</a> in a number of their Voice-over-IP phones. A remote authenticated attacker could exploit this vulnerability to take control of an affected system and extract sensitive information.</p>"},{"severity":"Medium","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3162/cc-3162","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":""}],"shortsummary":"Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"Apple iOS - Versions prior to 12.4</li><li>Apple macOS Mojave - Versions prior to 10.14.6</li><li>Apple macOS High Sierra - Versions 10.13.6 and earlier</li><li>Apple macOS Sierra - Versions 10.12.6 and earlier</li><li>Apple Safari - Versions prior to 12.1.2</li><li>Apple tvOS - Versions prior to 12.4</li><li>Apple watchOS - Versions prior to 5.3"},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review the Apple security pages for the following products and apply the necessary updates:</p><ul><li><a href=\"https://support.apple.com/en-us/HT210346\">iOS 12.4</a></li><li><a href=\"https://support.apple.com/en-us/HT210348\">macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra</a></li><li><a href=\"https://support.apple.com/en-us/HT210355\">Safari 12.1.2</a></li><li><a href=\"https://support.apple.com/en-us/HT210351\">tvOS 12.4</a></li><li><a href=\"https://support.apple.com/en-us/HT210353\">watchOS 5.3</a></li></ul>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1563836400000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3162","title":"Apple Releases Multiple Security Updates","versionedNode":false,"remediationIntro":"","summary":"<p>Apple has released security updates to address <a href=\"/services/data-security-centre/cyber-security-glossary#vulnerability\">vulnerabilities</a> in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.</p>"},{"severity":"Low","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-3034/cc-3034","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":""}],"shortsummary":"Google has released Chrome version 74.0.3729.108 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"Google Chrome - Versions prior to 74.0.3729.108"}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review the <a href=\"https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_23.html\">Chrome Releases page</a> and apply the necessary updates.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1556060400000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-3034","title":"Google Releases Security Update for Chrome","versionedNode":false,"remediationIntro":"","summary":"<p>Google has released Chrome version 74.0.3729.108 for Windows, Mac, and Linux. This version addresses multiple <a href=\"/services/data-security-centre/cyber-security-glossary#vulnerability\">vulnerabilities </a>that an attacker could exploit to take control of an affected system.</p>"},{"severity":"Medium","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-2871/cc-2871","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":"<p>The vulnerability lies in how Exchange Server handles application objects in memory. Specially crafted emails received by the server can result in corruption of the system memory, which an attacker could then exploit to execute scripts or applications sent in the email in the context of the System account.</p><p>For further information:</p><ul><li><a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0586\">CVE-2019-0586</a></li></ul>"}],"shortsummary":"Microsoft have released details of a memory corruption vulnerability in the Exchange Server. An unauthenticated remote user could exploit this vulnerability to execute arbitrary code on an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"Microsoft Exchange - All versions"}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Microsoft addressed this vulnerability in their <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0586\">CVE-2019-0586 Security Update Guide</a>. Users and administrators are encouraged to review this guide and apply the relevant updates.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[{"cveIdentifier":"CVE-2019-0586","cveStatus":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"cveText":""}],"publishedDate":1547078400000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-2871","title":"Microsoft Exchange Memory Corruption Vulnerability","versionedNode":false,"remediationIntro":"","summary":"<p>Microsoft have released details of a memory corruption <a href=\"/services/data-security-centre/cyber-security-glossary#vulnerability\">vulnerability</a> in the Exchange Server. An unauthenticated remote user could exploit this vulnerability to <a href=\"/cyber-alerts/2019/Arbitrary-Code-Execution---ACE\">execute arbitrary code</a> on an affected system.</p>"},{"severity":"Low","basePath":"http://digital.nhs.uk/cyber-alerts/2019/cc-2971/cc-2971","category":[""],"fullTaxonomyList":[],"sections":[{"sectionType":"website-section","type":"","title":"","isNumberedList":false,"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"html":""}],"shortsummary":"Adobe has released security updates to address vulnerabilities in Adobe Digital Editions and Adobe Photoshop CC. An attacker could exploit these vulnerabilities to take control of an affected system.","threatType":"Vulnerability","threatvector":[""],"threatAffects":[{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":"Adobe Digital Editions - Versions 4.5.10.185749 and earlier</li><li>Adobe Photoshop CC - Versions 20.0.2/19.1.7 and earlier"},{"leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"platformText":""}],"threatUpdates":[],"remediationSteps":[{"type":"","link":"","leaf":false,"hippoDocumentBean":false,"hippoFolderBean":false,"versionedNode":false,"step":"<p>Users and administrators are encouraged to review Adobe Security Bulletins <a href=\"https://helpx.adobe.com/security/products/photoshop/apsb19-15.html\">APSB19-15</a> and <a href=\"https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html\">APSB19-16</a> and apply the necessary updates.</p>"}],"indicatorsCompromise":[],"ncscLink":"","cveIdentifiers":[],"publishedDate":1552348800000,"sourceOfThreatUpdates":[],"cyberAcknowledgements":[],"threatId":"CC-2971","title":"Adobe Releases Security Updates","versionedNode":false,"remediationIntro":"","summary":"<p>Adobe has released security updates to address <a href=\"/services/data-security-centre/cyber-security-glossary#vulnerability\">vulnerabilities</a> in Adobe Digital Editions and Adobe Photoshop CC. An attacker could exploit these vulnerabilities to take control of an affected system.</p>"}],"totalPages":44,"currentPage":1}