Tanzania Computer Emergency Response Team

TZCERT-SU-24-0472 (ZDI Security Update)

13th May 2024

Zero-Day Initiative has released security update to address a vulnerability in Microsoft Windows Bluetooth AVDTP Protocol. Exploitation of this vulnerability may allow an attacker to take control of affected system. Users and administrators are encouraged to review ZDI Security Advisory and apply necessary updates.

TZCERT-SU-24-0471 (WordPress Security Update)

13th May 2024

Wordfence has released security updates to address vulnerabilities in motopress-hotel-booking-lite, learnpress, unlimited-elements-for-elementor and spectra-pro. Exploitation of these vulnerabilities may allow an attacker to take control of affected system. Users and administrators are encouraged to review Wordfence Security Advisories motopress-hotel-booking-lite, learnpress, unlimited-elements-for-elementor and spectra-pro and apply necessary updates.

TZCERT-SU-24-0470 (IBM Security Update)

8th May 2024

IBM has released security updates to address vulnerabilities in its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review IBM Security Bulletins dated 8th May 2024 and apply necessary updates.

TZCERT-SU-24-0481 (Microsoft Security Update)

8th May 2024

Microsoft has released security updates to address vulnerabilities in Microsoft Edge. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Microsoft Releases Note of May 2024 and apply necessary updates.

TZCERT-SU-24-0480 (Oracle Linux Security Update)

8th May 2024

Oracle Linux has released security updates to address vulnerabilities in Oracle Linux OS. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Oracle Linux Security Advisories dated 7th May 2024 and apply necessary updates.

Tanzania Computer Emergency Response Team

CAPACITY BUILDING: THREAT DETECTION AND INCIDENT HANDLING AND RESPONSE TRAINING

CAPACITY BUILDING: THREAT DETECTION TRAINING

Cybersecurity is a key for Development – Tanzania Ranks 2nd in Africa

Download: Advice to Parent/Guardians in Protecting Children Online

Current Activities

TZCERT-SU-24-0472 (ZDI Security Update)

TZCERT-SU-24-0471 (WordPress Security Update)

TZCERT-SU-24-0470 (IBM Security Update)

TZCERT-SU-24-0481 (Microsoft Security Update)

TZCERT-SU-24-0480 (Oracle Linux Security Update)

Subscribe to Receive Regular Updates

Multiple critical vulnerabilities affecting WordPress (CVE-2024-3604, CVE-2024-6314, CVE-2024-6313, CVE-2024-6365)

Critical Vulnerabilities in multiple IBM vulnerabilities (CVE-2024-1597, CVE-2022-46337)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

High severity vulnerabilities affecting WordPress (CVE-2024-5943, CVE-2024-2385, CVE-2024-6319, CVE-2024-6318)

High severity vulnerabilities in HPE ProLiant and HPE Edgeline Servers Using BIOS (PixieFail) (CVE-2023-45229, CVE-2023-45230, CVE-2023-45234, CVE-2023-45235, CVE-2021-38575)