A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site

Alerts

HP Security Update

25th April 2023

HP has released security updates to address a vulnerability affecting its multiple products. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.

Users and Administrators are encouraged to review HP Security Bulletin and apply necessary updates.

Mitsubishi Security Update

25th April 2023

Mitsubishi has released security updates to address vulnerabilities affecting MELSEC and MELIPC series. Exploitation of these vulnerabilities may allow an attacker to cause Denial of Service condition to an affected system.

Users and Administrators are encouraged to review Mitsubishi Security Advisory and apply necessary updates.

IBM Security Update

25th April 2023

IBM has released security updates to address vulnerabilities affecting its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review IBM Security Bulletin and apply necessary updates.

Trend Micro Security Update

25th April 2023

Trend Micro has released security updates to address a vulnerability in its multiple products. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

Users and Administrators are encouraged to review Trend Micro Security Bulletin and apply necessary updates.

Google Chrome Zero Day Vulnerability (CVE-2023-2136)

24th April 2023

Advisory No: TZCERT/SA/2023/04/20

Date of First Release: 20th April 2023

Source: Google

Software Affected:  Google Chrome prior to 112.0.5615.137 (Mac), and Google Chrome prior to 112.0.5615.137/138 (Windows)

Overview:

Google has released security patches to address the Zero Day vulnerability affecting Google Chrome browser for both Mac and Windows operating systems. This vulnerability could allow an attacker to take control of an affected system.

Description:

This vulnerability is tracked as CVE-2023-2136. It is caused by the Integer overflow in Skia in Google Chrome prior to 112.0.5615.137, which allows a remote attacker who had compromised the renderer process to potentially accomplish a sandbox escape via a crafted HTML page. Skia is an open source 2D graphics library used by the browser.

Impact:

Successful exploitation of this vulnerability may allow the attacker to control of the affected system.

Solution:

Google has released a patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.

References:

  1. https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html
  2. https://thehackernews.com/2023/04/google-chrome-hit-by-second-zero-day.html
DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2023, All Rights Reserved.