Virtualization technology is great, but it does add new attack surface. CrowdStrike disclosed a new QEMU vulnerability that affects many popular virtualization platforms. In today's video, I quickly summarize the issue, and share what you can do about it. (Episode Runtime: 2:10) Direct YouTube Link: https://www.youtube.com/watch?v=rNmDMq6vhyM EPISODE REFERENCES: QEMU VENOM … [Read more...]
Windows 8.x and Server 2012 Suffer From Local EoP Vulnerability
Severity: Medium Summary: These vulnerabilities affect: Windows 8.x, Server 2012, and RT How an attacker exploits it: By running a specially crafted application Impact: A local low privileged attacker can gain SYSTEM privileges on your Windows computers What to do: Deploy the appropriate update at your convenience, or let Windows Automatic Update do it for … [Read more...]
Windows Updates Mend Critical Journal Vulnerability & More
Severity: High Summary: These vulnerabilities affect: All current versions of Windows (and related components like XML Core Services) How an attacker exploits them: Multiple vectors of attack, including enticing you to malicious web sites, or into interacting with malicious documents or images. Impact: In the worst case, an attacker can gain complete control of your Windows … [Read more...]