Skip to main content

All version of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer. This maybe exploited to compromise a server. Administrators are advised to patch up.

Microsoft released guidance to ensure that Microsoft Office applications are properly secured when processing Dynamic Data Exchange (DDE) Fields.

The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organisations to develop, purchase and maintain applications and APIs that can be trusted.

The Global Cyber Alliance (GCA) and its partners (IBM Security & Packet Clearing House) have launched a DNS service that will assist user’s improve their privacy and security protection against web based threats.

All WordPress versions below 4.8.2 are vulnerable to an SQL injection attack via the WordPress plugins and themes.
Adobe has released an out-of-band patch for Flash in response to a zero-day vulnerability that’s being exploited in the wild.