Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Exchange, SharePoint, .NET Framework and Internet Explorer. These updates address vulnerabilities that could allow remote code execute, elevation of privilege or denial of service.
Adobe has released security updates for Adobe Flash Player. These updates address multiple vulnerabilities one of which can potentially allow an attacker to take control of the system.
Apple has released a security updates to address multiple vulnerabilities in iOS devices, OS X Yosemite and Apple TV. To address vulnerabilities that can allow remote attackers to execute arbitrary commands.
Updates available include:
- iOS 8.1.1 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
- Apple TV 7.0.2 for Apple TV 3rd generation and later
- OS X Yosemite v10.10.1 for Macintosh
Microsoft has released a security advisory to address unpatched vulnerability that affecting all supported releases of Microsoft Windows, excluding Windows Server 2003. These updates address the vulnerability that could allow remote code execution if a user opens a crafted Microsoft Office file that contains an OLE object.
Cybercriminals are using Ebola virus epidemic as social engineering theme to circulate Malware and performing Phishing activities.
Symantec has observed three malware operations and a phishing campaign using the Ebola virus as a social engineering theme.
Attackers may use these Phishing emails that contain links that direct users to websites which collect person information such as login credentials, or contain malicious attachments that can infect a system.
TZ-CERT reminds users to protect against email scams and cyber campaigns using the Ebola virus as a theme.
Users are encouraged to use caution when encountering these types of email messages and take the following preventative measures to protect themselves:
Do not follow unsolicited web links or attachments in email messages.
Maintain up-to-date antivirus software.