Microsoft Office Excel – Security Feature Bypass

 

Description: To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software.

Threat: A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1457

 

Adobe Illustrator – Arbitrary Code Execution Vulnerability

 

Description: Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability.

Threat: An attacker who exploited the vulnerability could execute arbitrary code.

Criticality: High

Update/Patch: https://helpx.adobe.com/security/products/illustrator/apsb19-36.html

 

WhatsApp – Remote Code Execution Vulnerability

 

Description: A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user.

Threat:  Successful exploitation of this vulnerability could lead to Denial of Service Attacks (DoS) or Remote Code Execution (RCE).

Criticality: Medium

Update/Patch: https://www.facebook.com/security/advisories/cve-2019-11931

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This

Contacting us to better serve you

 

Dear customers,

We continue to experience higher-than-normal volumes of phone requests related to remote working arrangements. Therefore, if you have a support issue or need to contact us, we ask that you please email support@getnext.com.au first with your contact details, your business name and the nature of your issue. If you already have a ticket number, please respond to the ticket email received.

Regards,

The getNEXT Team