[email protected] +603-2181 3666
Extol Threat Intelligent Notification

Major tech companies, including Intel, Microsoft and Google, scrambled to calm the mood this week after a large number of computer users reported performance problems linked to security updates for the Spectre and Meltdown vulnerabilities. A firestorm of criticism has erupted over the response to the chip flaws, which researchers at Google’s Project Zero discovered […]

One of the vulnerabilities addressed by Apple in its latest set of security patches for macOS is an arbitrary code execution flaw, which could be exploited via malicious USB devices. Discovered by Trend Micro security researchers and reported to Apple in April this year, the issue resides in fsck_msdos, a system tool designed to check […]

Oracle pushed out an emergency update for vulnerabilities affecting several of its products that rely on its proprietary Jolt protocol. The bugs were discovered by researchers at ERPScan who named the series of five vulnerabilities JoltandBleed. The vulnerabilities are severe, with two of the bugs scoring 9.9 and 10 on the CVSS scale.  Products affected […]

An update released by Taiwan-based industrial automation company Advantech for its WebAccess product patches two remote code execution vulnerabilities, ICS-CERT reported on Thursday.Advantech WebAccess is a browser-based software package for human-machine interfaces (HMI) and supervisory control and data acquisition (SCADA) systems. According to ICS-CERT, WebAccess versions prior to 8.2_20170817 are affected by a stack-based buffer […]

Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code execution on a server running PeopleSoft software. The flaw is in the core […]

Security experts are urging network administrators to patch a Microsoft Office vulnerability that has been exploited in the wild. The vulnerability (CVE-2017-11826) could allow remote code execution if a user opens a specially crafted Office file. It was one of 62 vulnerabilities patched by Microsoft as part of its monthly Patch Tuesday updates released today. […]