Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
2947 Results
High and Medium Vulnerabilities in Zoom
Zoom has released security updates to address High and Medium vulnerabilities in Zoom. These vulnerabilities allow an attacker to perform zero-click remote code execution (RCE). For a complete description of the vulnerabilities and affected systems Zoom Security Bulletins. IT Security
BeyondTrust Vendor Comparison
The following table will provide an overview of the features within BeyondTrust Privileged Remote Access and other Privileged Remote Access systems. We will be reaching out to departments to better understand your current solution and use cases to better transition to BeyondTrust Privileged Remote Access from another privileged remote access tool. Please review the features of BeyondTrust compared to other solutions and if BeyondTrust does not satisfy your needs from a feature perspective, let us know.
- Affiliate
- Faculty
- Non-UCSF
- Staff
- Student
- Technical Partner
- Volunteer
- Desktop Support
Microsoft Releases Workaround Guidance for an Actively Exploited Vulnerability in MSDT
Microsoft has released guidance to address a remote code execution (RCE) vulnerability—CVE-2022-30190, known as "Follina"—affecting the Microsoft Support Diagnostic Tool (MSDT) in Windows. There is currently no patch available, but Microsoft has released a published workaround. Microsoft has reported active exploitation of this vulnerability in the wild. A remote, unauthenticated attacker could exploit this vulnerability to take control of an affected system.
MyPPM: OKR - Tiered Goal Deployment
- Staff
Zero-day Windows AD Authentication Vulnerabilities
Microsoft released emergency updates to fix 0-day Windows AD authentication vulnerabilities. After installing updates released May 10, 2022 on domain controllers, authentication failures may occur on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). For a complete description of the vulnerabilities and affected systems:
Moderately Critical Vulnerability May Affect Drupal Sites
Drupal has released security updates to address a Moderately Critical vulnerability affecting some contributed projects or custom code on Drupal sites. A remote attacker could exploit this vulnerability to take control of an affected website. For a complete description of the vulnerabilities and affected systems Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-010.
Purported Actively Exploited Vulnerability in Trend Micro Consumer-Based Products
Trend Micro released a security update for a purported actively exploited vulnerability in its consumer-based products. Attackers are trying to hijack various popular security products, including one from Trend Micro. For a complete description of the vulnerabilities and affected systems SECURITY ADVISORY: Trend Micro Response to Moshen Dragon Abuse. IT Security
Chrome Version 102.0.5005.61 for Windows, Mac, and Linux Released
Google has released Chrome version 102.0.5005.61 for Windows, Mac, and Linux. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems Chrome Release Note. IT Security Read more about IT Security service offerings.
High Vulnerabilities in Citrix ADC and Gateway
Citrix has released a security update to address High vulnerabilities in in ADC and Gateway. An attacker could exploit one of these vulnerabilities to cause a denial-of-service condition. For a complete description of the vulnerabilities and affected systems Citrix Security Update CTX457048. IT Security