Page 17 - Threat Intelligence 8-16-2019
P. 17

Threat Alerts




           And Advisories








              Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability
              Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-
              2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected
              system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
              administrators to review the Microsoft Security Advisory and apply the necessary update.



              Multiple HTTP/2 Implementation Vulnerabilities
              The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting
              HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service
              (DoS) condition. Attacks can consume excessive system resources and lead to distributed DoS
              (DDoS) attacks. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
              administrators to review CERT/CC’s Vulnerability Note VU#605641 for more information and refer
              to vendors for updates.



              Microsoft Releases August 2019 Security Updates
              Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote
              attacker could exploit some of these vulnerabilities to take control of an affected system. The
              Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
              review Microsoft’s August 2019 Security Update Summary and Deployment Information and apply
              the necessary updates.


              Intel Releases Security Updates
              Intel has released security updates to address vulnerabilities in multiple products. An attacker could
              exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected
              machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and
              administrators to review the following Intel advisories and apply the necessary updates:
                     • RAID Web Console 2 Advisory INTEL-SA-00246
                     • NUC Advisory INTEL-SA-00272
                     • Authenticate Advisory INTEL-SA-00275
                     • Driver and Support Assistant Advisory INTEL-SA-00276
                     • Remote Displays SDK Advisory INTEL-SA-00277
                     • Processor Identification Utility for Windows Advisory INTEL-SA-00281
                     • Computing Improvement Program Advisory INTEL-SA-00283














                                                    www.accumepartners.com
                                                                                                                    17
   12   13   14   15   16   17   18   19   20   21   22