Apple Security Advisory 2016-10-24-2 – macOS Sierra 10.12.1 is now available and addresses code execution, privilege escalation, and various other vulnerabilities.
>> ARCHIVE: 2016-10
Apple Security Advisory 2016-10-24-3 – Safari 10.0.1 is now available and addresses code execution vulnerabilities.
Apple Security Advisory 2016-10-24-4 – tvOS 10.0.1 is now available and addresses phishing, information disclosure, code execution, and other vulnerabilities.
Apple Security Advisory 2016-10-24-5 – watchOS 3.1 is now available and addresses code execution, information disclosure, and various other vulnerabilities.
The Linux subsystem on Windows suffers from a privilege escalation vulnerability that allows for arbitrary file and directory creation.
FreePBX version 10.13.66 suffers from remote command execution and privilege escalation vulnerabilities.
Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from an open redirection vulnerability.
Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from a user enumeration vulnerability.
TrendMicro InterScan Web Security Virtual Appliance remote code execution exploit that leverages the shellshock vulnerability to spawn a connect-back shell.
PSEvents.exe within several Panda Security products runs hourly with SYSTEM privileges. When run, it checks a user writable folder for certain DLL files, and if any are found they are…