Advisories

1.0 Introduction

Google has released Chrome version 45.0.2454.101 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are advised to apply the necessary update.

2.0 Impact

This update which includes 2 security fixes to address vulnerabilities. Table 1 below listed the security fixes:

3.0 Affected Products

Listed below are the affected products:

• Google Chrome for Windows, Mac and Linux.

4.0 Recommendations

Users are recommended to upgrade to Google Chrome 44.0.2403.89. The latest Google Chrome can be downloaded from this URL:

• Windows users: https://www.google.com/chrome/browser/?platform=win
• Linux users: https://www.google.com/chrome/browser/?platform=linux
• Mac users: https://www.google.com/chrome/browser/?platform=mac

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail: [email protected] or [email protected] 
Phone: 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web: https://www.mycert.org.my
Twitter: http://www.twitter.com/mycert
Cyber999 Mobile Apps: IOS Users or Android Users

5.0 References

• US-CERT: Google Releases Security Update for Chrome,
  https://www.us-cert.gov/ncas/current-activity/2015/09/25/Google-Release-Security-Update-Chrome-0


• Chrome Release: Stable Channel Update,
  http://googlechromereleases.blogspot.my/2015/09/stable-channel-update_24.html

1.0 Introduction

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Mozilla encourages users and administrators to review Mozilla's Security Updates and apply the necessary updates.

These updates address vulnerabilities that could potentially allow an attacker to take control of an affected system. 

The available updates are:

• Firefox 41
• Firefox ESR 38.3

MyCERT highly recommended users of these applications to upgrade to the latest version of the affected products. The following updates are available as below:
 

4.1 Mozilla Firefox 41

Advisories can be referred at:
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41/

Can be downloaded at:
https://www.mozilla.org/en-GB/firefox/new/

 

4.2 Mozilla Firefox ESR 38.3

Advisories can be referred at:
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.3

Can be downloaded at:
https://www.mozilla.org/en-US/firefox/organizations/all/

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +6019-2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

5.0 References

• US-CERT Security Advisory
  https://www.us-cert.gov/ncas/current-activity/2015/09/22/Mozilla-Releases-Security-Updates-Firefox


• Mozilla Foundation Security Advisories
  https://www.mozilla.org/en-US/security/advisories/

1.0 Introduction

Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, ChromeOS, and Linux. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-23 and apply the necessary updates. 

2.0 Impact

 These updates address exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

3.0 Affected Products

The affected products of Adobe Flash Player is as listed in the Table 1:

Table 1: Adobe Flash Player Affected Product

4.0 Recommendation

MyCERT highly recommended users of these applications to upgrade to the latest version of the affected products:

4.1 Adobe Flash Player Desktop Runtime for Windows and Macintosh, should update to version 19.0.0.185, via:

• Flash Player Download Center:
  http://get.adobe.com/flashplayer/

• or  update mechanism within the product when prompted

4.2 Adobe Flash Player Extended Support Release should update to version 18.0.0.241, via:

• Extended Support
  https://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html

4.3 Adobe Flash Player for Google Chrome should update to Adobe Flash Player 19.0.0.185, via:

• Google Chrome Releases
  http://googlechromereleases.blogspot.my/

4.4 Adobe Flash Player for Microsoft Edge and Internet Explorer 11, should update to Adobe Flash Player 19.0.0.185, via:

• Microsoft Security Advisory
  https://technet.microsoft.com/en-us/library/security/2755801

4.5 Adobe Flash Player installed with Internet Explorer 10 and Internet Explorer 11 for Windows 8.x will be automatically updated to the latest version, which will include Adobe Flash Player 19.0.0.185, please refer:

• Microsoft Security Advisory
  https://technet.microsoft.com/en-us/library/security/2755801

4.6 Adobe Flash Player for Linux should update to Adobe Flash Player 11.2.202.521, via:

• Flash Player Download Center
  https://get.adobe.com/flashplayer/

4.7 Adobe AIR desktop runtime, AIR SDK and AIR SDK & Compiler update to version 19.0.0.190 by visiting:

• AIR download center or
  http://get.adobe.com/air/

• AIR developer center
  http://www.adobe.com/devnet/air/air-sdk-download.html

4.8 AIR for Android update to version 19.0.0.190 by visiting:

• Google Play Store
  https://play.google.com/store/apps/details?id=com.adobe.air

Assistance page in installing Flash Player:
https://helpx.adobe.com/flash-player.html

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

5.0 References

• Adobe Releases Security Updates for Flash Player:
  https://www.us-cert.gov/ncas/current-activity/2015/09/21/Adobe-Releases-Security-Update-Flash-Player

• Adobe Security Bulletin:
  https://helpx.adobe.com/security/products/flash-player/apsb15-23.html

1.0 Introduction

The Internet Systems Consortium (ISC) has released security updates to address vulnerability in BIND. Users and administrators are encouraged to review ISC Knowledge Base Article AA-01305, AA-01306, and AA-01307 and apply the necessary updates.

2.0 Impact

These updates address vulnerabilities that could potentially allow a remote attacker to cause a denial-of-service condition.

3.0 Affected Products

The detail lists of the BIND products updates are as below:

• BIND 9 version 9.9.8
• BIND 9 version 9.10.3
• BIND 9 version 9.9.8-S1

4.0 Recommendation

MyCERT highly recommended users of these applications to upgrade to the patched release most closely related to your current version of BIND.

• Latest release of BIND can be found at :http://www.isc.org/downloads/

• The BIND 9.9 (Extended Support Version) will be supported until June, 2017. The end of life for BIND 9.10 is yet to be determined but will not be before BIND 9.12.0 has been released for 6 months.
  Please refer: https://www.isc.org/downloads/software-support-policy/
  
   

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

5.0 References

• Internet Systems Consortium (ISC) Releases Security Updates for BIND:
  https://www.us-cert.gov/ncas/current-activity/2015/09/16/Internet-Systems-Consortium-ISC-Releases-Security-Updates-BIND

• ISC Knowledge Base: AA-01307
  https://kb.isc.org/article/AA-01307

• ISC Knowledge Base: AA-01305
  https://kb.isc.org/article/AA-01305

• ISC Knowledge Base: AA-01306
  https://kb.isc.org/article/AA-01306

 1.0 Introduction

Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS15-094 through MS15-105 and apply the necessary updates.
 

2.1    Cumulative Security Update for Internet Explorer (3089548)  
This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623623
 

2.2    Cumulative Security Update for Microsoft Edge (3089665)  
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623632

2.3   Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623553

2.4    Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution (3089656) 
This security update resolves vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Lync. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.
Patch: http://go.microsoft.com/fwlink/?LinkId=623625
 

2.5    Vulnerabilities in Windows Journal Could Allow Remote Code Execution (3089669) 
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Journal file. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623624
 

2.6    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623627
 

2.7    Vulnerability in Windows Media Center Could Allow Remote Code Execution (3087918)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Patch: http://go.microsoft.com/fwlink/?LinkId=623232
 

2.8    Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3089662)  
This security update resolves vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so.
Patch: http://go.microsoft.com/fwlink/?LinkId=623575

2.11 Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)

This security update resolves vulnerabilities in Skype for Business Server and Microsoft Lync Server. The most severe of the vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL. An attacker would have to convince users to click a link in an instant messenger or email message that directs them to an affected website by way of a specially crafted URL.
Patch :  http://go.microsoft.com/fwlink/?LinkId=623216

 

2.12 Vulnerability in Windows Hyper-V Could Allow Security Feature Bypass (3091287)
This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if an attacker runs a specially crafted application that could cause Windows Hyper-V to incorrectly apply access control list (ACL) configuration settings. Customers who have not enabled the Hyper-V role are not affected.
Patch : http://go.microsoft.com/fwlink/?LinkId=623539

3.0    Recommendation
Users and administrators are recommended to perform the update immediately. All of the patches could be done almost automatically via the Windows Update application.

The how-to perform of the Windows Update is available at the following URL:
https://www.mycert.org.my/portal/articles-content?menu=b9f3fdda-c343-4cb4-99a7-a7506cfb13ba&id=62275f48-f209-4440-af1a-c5425c875fa4
 

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

 4.0     References

1.0 Introduction

WordPress 4.3 and prior versions contains two cross-site scripting vulnerabilities and a potential privilege escalation. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website.

This release addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation.

3.0 Affected Products

• Wordpress users

MyCERT highly recommended users of these applications to upgrade to the latest version of the affected products.

• Wordpress users are highly advice to download latest version of Wordpress available at:
  https://wordpress.org/download/

• Another way is by utilizing the Wordpress interface, in which users can go to “Dashboard > Updates” and click “Update Now”.

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail : [email protected] or [email protected] 
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web : https://www.mycert.org.my
Twitter : http://www.twitter.com/mycert
Facebook: http://www.facebook.com/mycert.org.my
Cyber999 Mobile Apps:  IOS Users or Android Users

5.0 References

• https://www.us-cert.gov/ncas/current-activity/2015/09/15/WordPress-Releases-Security-Update
• https://wordpress.org/news/2015/09/wordpress-4-3-1/

1.0 Introduction

Google has released Chrome version 45.0.2454.85 to address multiple vulnerabilities for Windows, Mac, and Linux. Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.

Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.

2.0 Impact

This update, which includes 29 security fixes to address vulnerabilities that could potentially allow an attacker to take control of the affected system. Table 1 below listed the highlight of security fixes:

3.0 Affected Products

Listed below are the affected products:

• Google Chrome for Windows, Mac and Linux.

4.0 Recommendation

Users are recommended to upgrade to Google Chrome 45.0.2454.85. The latest Google Chrome can be downloaded from this URL:

• Windows users:
  https://www.google.com/chrome/browser/?platform=win
• Linux users:
  https://www.google.com/chrome/browser/?platform=linux
• Mac users:
  https://www.google.com/chrome/browser/?platform=mac

Generally, MyCERT advises the users of this software to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:
E-mail: [email protected] or [email protected] 
Phone: 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442 
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours : Mon - Fri 09:00 AM - 18:00 PM MYT
Web: https://www.mycert.org.my
Twitter: http://www.twitter.com/mycert
Cyber999 Mobile Apps: IOS Users or Android Users

5.0 References

• US-CERT: Google Releases Security Update for Chrome,
  https://www.us-cert.gov/ncas/current-activity/2015/09/01/Google-Releases-Security-Update-Chrome
• Chrome Release: Stable Channel Update,
  http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html