Cyware Daily Threat Intelligence May 16, 2018

Share Blog post

Top Vulnerabilities Reported in the Last 24 Hours
Weaponized PDF file
Two fully-working zero-day exploits have been exposed by an unidentified hacker group. The two vulnerabilities--dubbed CVE-2018-4990 and CVE-2018-8120--affect Adobe's Acrobat/Reader PDF viewer and Win32k component of Windows respectively. A malicious PDF sample has been found uploaded to a public repository that can download and execute a JavaScript code.

Microsoft releases updates
Three new updates--KB4100347, KB4134660 and KB4134661--have been released by Microsoft for Windows 10. KB4100347 is related to the Spectre v2 mitigations and contains additional CPU microcode updates for Intel processors. KB4134660 and KB4134661 provide notifications of an improved privacy experience.

Red Hat issues security updates
Security updates have been released by Red Hat to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Enterprise Linux 6 and 7. The command injection flaw, traced CVE-2018-1111, was found in the NetworkManager integration script included in the DHCP client packages.


 Tags

Posted on: May 16, 2018



More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.