Mozilla Releases Security Updates for Firefox
Situation
Mozilla has released security updates to address a number of vulnerabilities in Firefox and Firefox ESR browser.
Problem
Mozilla has patched a number of high impact vulnerabilities found on the Firefox and Firefox ESR browser. Some of these vulnerabilities are memory safety bugs that could be exploited to run arbitrary code.
Implication
Not having your browser up to date could leave your system vulnerable to a number of now known security issues.
Need
It is recommended to update your Firefox browser to version 74 and Firefox ESR to version 68.6.
Remote Code Execution Vulnerability has been found in Microsoft Exchange Server
Situation
A remote code execution vulnerability has been found in Microsoft Exchange Server versions 2010, 2013, 2016, and 2019 and is now currently being exploited in the wild.
Problem
This vulnerability can allow a remote attacker to perform an remote code execution on affected installations of Microsoft Exchange Server, when the server fails to properly create unique cryptographic keys at the time of installation. This specific vulnerability exists within the Exchange Control Panel web application.
Implication
If exploited, this vulnerability could effectively allow an attacker to read, write, and/or execute a file on the machine with SYSTEM level privileges
Need
Microsoft released a patch for this vulnerability as part of patch Tuesday on February 11, 2020. It is strongly recommended to apply the Microsoft Exchange Servers February 11th (or newer) patch to the affected versions (2010, 2013, 2016, and 2019).
Learn More
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688
