#mac

Categories: News Tags: TikTok Tags: Super FabriXss Tags: Twitter Tags: macOS malware Tags: ransomware Tags: 2023 State of Malware Tags: Western Digital Tags: Android Tags: endpoint security Tags: ChatGPT Tags: K-12 Tags: IoT Tags: Facebook Tags: targeted advertising Tags: Google Tags: data theft Tags: e-file Tags: tax Tags: Uber breach The most interesting security related news from the week of April 3 - 9. (Read more...) The post A week in security (April 3 - 9) appeared first on Malwarebytes Labs.

Microsoft and others are doubling down on incident response, adding services and integrating programs to make security analysts and incident response engagements more efficient.

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

Unpatched Macs, iPhones, and iPads open to browser takeover and system kernel-level malicious code execution, Apple warns.

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Big Sur 11.7.6, macOS Ventura 13.3.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Red Hat Security Advisory 2023-1549-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Ubuntu Security Notice 6003-1 - Xi Lu discovered that Emacs did not properly handle certain inputs. An attacker could possibly use this issue to execute arbitrary commands.

Goanywhere Encryption Helper version 7.1.1 suffers from a remote code execution vulnerability.

An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.