Tanzania Computer Emergency Response Team

VMware has released security advisory to address a host privilege escalation vulnerability in VMware workstation, Player and Horizon View Client for Windows. Exploitation of these vulnerabilities may allow remote attacker to escalate privileges and execute code on an affected VMware system. Updates available include: (a) VMware Workstation 11.1.1 (b) VMware …

OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could issue invalid certificates that pass validation by affected versions. Updates available include: (a) OpenSSL 1.0.2d for 1.0.2b/1.02c users (b) OpenSSL 1.0.1p for 1.0.1n/1.0.1o users Users and administrators are encouraged to review the …

The Internet Systems Consortium (ISC) has released security updates for BIND. These updates address vulnerability that could potentially allow an attacker to cause a denial of service condition. The following update is available:- (a) BIND 9-version 9.9.7-P1 (b) BIND 9-version 9.10.2-P2 Users and administrators are encouraged to review the ISC …

Adobe has released security updates for Flash Player for Windows, Macintosh and Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system. Affected Software:- (a) Adobe Flash Player Desktop Runtime version 18.0.0.194 and earlier  for Windows and Macintosh (b) Adobe Flash Player …

The Mozilla Foundation has release security updates to address multiple vulnerabilities in Firefox, Firefox ESR and Thunderbird. These updates address vulnerabilities that could allow an attacker to take control of an affected system. The following updates are available: (a) Firefox 39 (b) Firefox ESR 38.1 (c) Thunderbird 38.1 Users and …