Oracle released a critical patch update to address multiple security vulnerabilities in Oracle code and in third party components included in Oracle products. As is Oracle practice, the patches are cumulative which requires data base admins to also review the previous patches.
The Microsoft Security Response Center released another security advisory concerning a Remote Code Execution (RCE) vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory.
The Microsoft Security Response Center has released an advisory on a Remote Code Execution vulnerability that exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets.
Microsoft released a security update to fix the Windows NTFS Remote Code Execution Vulnerability. A local attacker could run a specially crafted application that would elevate the attacker's privileges.
The QNAP security team released updates that address two critical security vulnerabilities in the Helpdesk app that could enable potential attackers to take over unpatched QNAP network attached storage (NAS) devices.
Microsoft Security Team advises that ‘an elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC).