Email Recipients and Excel user’s beware….

CVE-2020-0653 | Microsoft Excel Remote Code Execution Vulnerability A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with ADMINISTRATIVE Read more about Email Recipients and Excel user’s beware….[…]

Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11.1 and 12.0 to address CVE-2019-19781. Citrix expects to release updates for other vulnerable versions of Citrix ADC, Gateway, and SD-WAN WANOP appliances through January 24, 2020. (See Mitigations for update schedule). A remote, unauthenticated attacker could Read more about Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP[…]

Windows Server 2008 and 2008 R2 end of support

On January 14, 2020, support for Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Your infrastructure and applications will be unprotected. “Keyes Information Technology” is in the business to help businesses migrate. See the following for a sample migration guide: https://azure.microsoft.com/mediahandler/files/resourcefiles/azure-migration-guide-for-windows-server/Azure_Migration_Guide_for_Windows_Server.pdf The following is a list of Read more about Windows Server 2008 and 2008 R2 end of support[…]

Windows 7 ‘END OF LIFE’ Windows 10 is still FREE

“Your Windows PC is out of support,” states Microsoft’s full-screen alert. “As of January 14, 2020 support for Windows 7 has come to an end. Your PC is [now] more vulnerable to viruses and malware due to: No security updates, No Software updates, No tech support. Microsoft strongly recommends using Windows 10 on a new Read more about Windows 7 ‘END OF LIFE’ Windows 10 is still FREE[…]

Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0610. It has a base score of 9.8 in Read more about Remote Code Execution Vulnerability[…]

CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was Read more about CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability[…]

Security Updates

Google has released Chrome version 79.0.3945.130 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cyber-security and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.