Cyware Daily Threat Intelligence May 16, 2018

Top Vulnerabilities Reported in the Last 24 Hours
Weaponized PDF file
Two fully-working zero-day exploits have been exposed by an unidentified hacker group. The two vulnerabilities--dubbed CVE-2018-4990 and CVE-2018-8120--affect Adobe's Acrobat/Reader PDF viewer and Win32k component of Windows respectively. A malicious PDF sample has been found uploaded to a public repository that can download and execute a JavaScript code.

Microsoft releases updates
Three new updates--KB4100347, KB4134660 and KB4134661--have been released by Microsoft for Windows 10. KB4100347 is related to the Spectre v2 mitigations and contains additional CPU microcode updates for Intel processors. KB4134660 and KB4134661 provide notifications of an improved privacy experience.

Red Hat issues security updates
Security updates have been released by Red Hat to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Enterprise Linux 6 and 7. The command injection flaw, traced CVE-2018-1111, was found in the NetworkManager integration script included in the DHCP client packages.



Tags


    • Share this blog:
    To enhance your experience on our website, we use cookies to help us understand how you interact with our website. By continuing navigating through Cyware’s website and its products, you are accepting the placement and use of cookies. You can also choose to disable your web browser’s ability to accept cookies and how they are set. For more information, please see our Privacy Policy.