Tanzania Computer Emergency Response Team

Advisory No: TZCERT/SA/2021/07/01 Date of First Release: 01st July 2021 Source: Microsoft Software Affected:  Microsoft Windows Print Spooler Service Overview: Vulnerability exists in Microsoft Windows Print Spooler service due to failure in restricting access to the RpcAddPrinterDriverEx() function,  which could allow a remote attacker to execute arbitrary code with SYSTEM privileges on a …

Cisco has released security updates to address vulnerabilities in Adaptive Security Appliance Software and Firepower Threat Defense software. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Cisco Security Advisory and apply necessary updates.

Drupal has released security updates to address vulnerability affecting Third-party CKEditor library. Exploitation of this vulnerability could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review Drupal Security Advisory and apply necessary updates.

SUSE has released security update to address vulnerabilities affecting its 7multiple packages. Exploitation of these vulnerability could allow an attacker to take control of an affected system. Users and Administrators are encouraged to review SUSE security announcement SUSE-SU-2021:2184-1, SUSE-SU-2021:2177-1, SUSE-SU-2021:2186-1 and SUSE-SU-2021:2180-1 and apply necessary updates.

Palo Alto Networks has released security updates to address a vulnerability in Cortex XSOAR. Exploitation of this vulnerability may allow an attacker to gain escalated privilege. Users and administrators are encouraged to review Paloalto Security Advisory and apply necessary updates.