NCERT | National Computer Emergency Response Team Philippines

Microsoft Releases August 2024 Patch Tuesday Security Updates

Microsoft has released its August 2024 Patch Tuesday security updates to fix multiple vulnerabilities across its products. Based on the official Microsoft release notes, there are 89 Microsoft CVEs, of which eight vulnerabilities are classified as ‘Critical’, two are ‘Moderate’ and the rest are designated as ‘Important’. Additionally, 12 non-Microsoft CVEs are included.” _____________________________ A. continue reading : Microsoft Releases August 2024 Patch Tuesday Security Updates

Global IT Service Outage

A faulty update from a cybersecurity provider has caused a global IT Service outage, resulting ina blue screen of death on Windows operating systems with installed Crowdstrike securityproducts. As of 07/19/2024, 5:45 PM, the CEO of CrowdStrike provided a statement on X:, “CrowdStrikeis actively working with customers impacted by a defect found in a single continue reading : Global IT Service Outage

Microsoft Releases July 2024 Patch Tuesday Security Updates

Microsoft has released its July 2024 Patch Tuesday security updates to fix multiple vulnerabilities across its products. Based on the official Microsoft release notes, there are 139 Microsoft CVEs, of which two vulnerabilities (CVE-2024-38080 and CVE-2024-38112), classified as ‘Important,’ have been detected being exploited in the wild. _____________________________ A. List of the Vulnerabilities Kindly check continue reading : Microsoft Releases July 2024 Patch Tuesday Security Updates

regreSSHion, CVE-2024-6387 Remote Code Execution (RCE) vulnerability in OpenSSH’s server

The Qualys Threat Research Unit (TRU) discovered an unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems that grants full root access. It affects the default configuration and does not require user interaction.This vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, reported in 2006. Qualys Threat Researchers says that it continue reading : regreSSHion, CVE-2024-6387 Remote Code Execution (RCE) vulnerability in OpenSSH’s server

PHP CGI Argument Injection Vulnerability (CVE-2024-4577)

Researchers at DEVCORE found a serious vulnerability in PHP that could allow attackers to remotely execute malicious code on affected servers. Due to PHP’s widespread use and the simplicity of exploiting this flaw, DEVCORE classified it as critical and swiftly reported it to the PHP development team. A fix was released on June 6th, 2024. continue reading : PHP CGI Argument Injection Vulnerability (CVE-2024-4577)