Advisory No: TZCERT/SA/2020/09/02 Date of First Release: 2nd September, 2020 Source: CISCO Software Affected: Any Cisco device with an active interface configured with multicast routing and running Cisco IOS XR software. Overview: Cisco has issued a security advisory on multiple vulnerabilities on any CISCO device running IOS XR Software. These vulnerabilities tracked as CVE-2020-3566 …

Tanzania Computer Emergency Response Team (TZ-CERT is mandated to raise awareness and enhance technical capacity in the area of cybersecurity. Between 27th July to 18th September 2020, TZ-CERT carried out cybersecurity awareness program in nine (9) public institutions namely: Tanzania Investment Centre (TIC), Tanzania Airport Authority (TAA), National Housing Corporation …

Cisco has released security updates to address vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP). Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review released Cisco Security advisory and apply necessary updates.

Firefox has released security updates to address multiple vulnerabilities in Thunderbird 68. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Thunderbird Security Advisory and apply necessary updates.

Google has released security updates to address vulnerabilities in Chrome prior to version 85.0.4183.83. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Chrome Release Page and apply necessary updates.

Debian has released security update to address a vulnerability in Lua module for Nginx. Exploitation of this vulnerability may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Debian Security Advisory and apply necessary updates.

Advisory No: TZCERT/SA/2020/08/27 Date of First Release: 27th August 2020 Source: MICROSOFT Software Affected: Microsoft Access Products Overview: Current Microsoft Access Products are missing security updates that can cause a remote code execution vulnerability (RCE). The vulnerability may allow an unauthenticated user to run arbitrary code in the context of current user. Description: This …

Citrix has released security updates to address vulnerabilities in Citrix Hypervisor and XenServer. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Citrix Security Bulletin and apply necessary updates.

Mozilla has released security updates to address vulnerabilities in Firefox prior to version 80 and Firefox ESR prior to version 68.12 and version 78.2. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Mozilla Security Advisories and apply …

IBM has released security updates to address vulnerabilities in IBM Security Guardium Insights. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review IMB security bulletins for CVE-2020-4598 and CVE-2020-4165 and apply necessary updates.