• mehdi@mkvlab.at
September 21, 2024

VMSA-2024-0019 – VMware vCenter Server and VMware Cloud Foundation vulnerabilities

VMware has released a security advisory that addresses vulnerabilities CVE-2024-38812 and CVE-2024-38813. These vulnerabilities can allow for heap-overflow and privilege escalation attacks. VMware has published fixes for both vulnerabilities in VMware Cloud Foundation and vCenter Server. Impacted Products: CVE-2024-38812 | VMware vCenter Server heap-overflow vulnerability Description:The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware […]

Security 0
June 22, 2024

VMSA-2024-0012 – VMware vCenter Server – Multiple Vulnerabilities

VMware has addressed several critical vulnerabilities CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081 in the vCenter Server that could allow remote code execution (RCE) or privilege escalation. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products:VMware Cloud FoundationVMware vCenter Server CVE-2024-37079 & CVE-2024-37080 – Multiple heap overflow vulnerabilities with the DCERPC protocol. The severity of this vulnerability has the maximum […]

Security 0
April 23, 2024

Exchange Server 2019 and 2016 Hotfix Update

Microsoft released a hotfix for Exchange Server 2016 and 2019 which includes some fixes but most importantly includes a very important feature, Hybrid Modern Authentication support for OWA and ECP in Exchange Server 2019 CU14. in this link, you find the Microsoft original KB regarding the hotfix and some useful information. Exchange 2019 CU14 HU2 15.02.1544.011 Download Exchange 2019 CU13 HU6 15.02.1258.034 […]

Microsoft 0
February 7, 2024

VMSA-2024-0002 – VMware Aria Operations for Networks – multiple vulnerabilities

Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. CVE(s): CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Impacted Products: VMware Aria Operations for Networks (formerly vRealize Network Insight) Description: Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be […]

Security 0
November 15, 2023

Exchange Server Security Updates – November 2023

Microsoft released several SUs for Microsoft Exchange Server 2016, 2019 addressing found vulnerabilities in these products. Microsoft encourages customers to apply SU due to the critical nature of these vulnerabilities. Exchange Online customers are already protected from the vulnerabilities addressed by these SUs and do not need to take any action. Microsoft has released Security Updates for vulnerabilities found in: […]

Microsoft 0
July 2, 2021

PrintNightmare – Print Spooler Remote Code Execution Vulnerability

All Windows systems are vulnerable!!! Microsoft (01.07.2021) has published the information related to  remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability -nicknamed PrintNightmare-. A remote code execution vulnerability exists when the Windows Print Spooler service is improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code […]

Microsoft 0
April 14, 2021

Security Update Exchange Server 2013-2019 | Pwn2Own Vulnerability

Microsoft has released critical security update -April 2021- for on-premises Exchange Servers 2013, 2016 and 2019 to fix the following Remote Code Execution vulnerabilities: CVE-2021-28480 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-28481 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-28482 | Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-28483 | Microsoft Exchange Server Remote Code Execution Vulnerability […]

Microsoft 0
March 7, 2021

Exchange Servers 0-day exploits -HAFNIUM-

On March 2, 2021 Microsoft has released several security update for Microsoft Exchange Server to address the vulnerabilities that has beed exposed targeting on-premises version of Exchange server. Microsoft has categorised this as a critical vulnerabilities and recommended the update the Exchange Server as soon as possible. The Exchange versions affected are:  NOTE: Exchange Online is not affected. also Microsoft Exchange Server 2010 […]

Microsoft 1
June 21, 2017

Check SHA1 and MD5 Hash on your Mac

SHA hashing is frequently used with distribution control systems to determine revisions and to check data integrity by detecting file corruption or tampering. For common usage, a SHA checksum provides a string that can be used to verify a file has been transferred as intended. If SHA checksums match, the integrity of the files has been maintained. Using SHA1 hash […]

Security 0

Categories

Consulting

I am available for remote consulting and support.

Click here for Resume Download

Archives

Recent Posts