Tanzania Computer Emergency Response Team

Cisco has released security updates to address vulnerabilities in its multiple products.  Exploitation of these vulnerabilities can allow an attacker to take control of an affected system. Users and administrators are encouraged to review Cisco Security Advisory and apply the necessary updates. For more information visit: Cisco Unified Communications Domain …

Drupal has released security updates to address vulnerabilities in Drupal version 7 and 8.  Exploitation of these vulnerabilities could potentially allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Drupal Security Advisory and apply the necessary updates; click here for more …

Date of First Release: 2018-01-03. Source: Google, National Cybersecurity and Communications Integration Center (NCCIC). Product affected:  Modern microprocessors (CPUs) which use speculative execution techniques to optimize performance including AMD, Apple, Arm, Google, Intel, Linux Kernel, Microsoft, Mozilla and other more. Overview:  CPU hardware implementations are vulnerable to side-channel attacks. These vulnerabilities are …

Date of First Release: 10-01-2018 Source: VMware Product affected: vSphere Data Protection (VDP) running on the virtual machines Version 6.1.x, 6.0.x and 5.x  Overview: VSphere Data Protection (VDP) contains multiple authentication bypass, arbitrary file upload and path traversal vulnerabilities. Description: VMware has release security advisory to address three critical vulnerabilities …

The Mozilla Foundation has release security update to address vulnerability in Firefox. Exploitation of this vulnerability could allow an attacker to obtain sensitive information. Users and administrators are encouraged to review the Security Advisory released and apply the necessary updates. For more information, visit Mozilla Security Advisory