In this advisory:
- The WhatsApp security scare
- Windows Updates
- Adobe Updates
- Apple Updates
- Citrix Vulnerabilities
- Debian Updates
- RedHat Updates
The WhatsApp security scare
Recent news has surfaced with headlines claiming that millions of WhatsApp users have been compromised with a recent hack.
The truth is that the hack exploits a flaw in WhatsApp that allows an attacker to append code to the end of a call initiation signal that can covertly install software on a vulnerable system without the target knowing or even needing to interact with the device.
This active exploit has been attributed to an Israeli security contractor that has a history of selling surveillance to nation states although some regard this as speculation.
The targets seem to be specific individuals of interest (politicians, human rights advocates, journalists etc.) and the larger WhatsApp user base does not seem to be a concern at this point. Unless you are somehow annoying a country, I don’t think you can expect to have your smartphone listening in courtesy of the WhatsApp exploit.
A patch to mitigate this security flaw has been issued and all WhatsApp users are advised to check and apply any outstanding updates. This applies to all platforms including mobile and desktop systems.
The second Tuesday of the month has come and gone and we had the update fairy pay us a visit leaving some 89 patches in our update queues.
The most severe of the vulnerabilities scored a 9.8 out of 10, 23 of the 89 patches are rated as critical, 2 are publicly disclosed and 1 is under active exploitation.
Windows 10 1803 carries the largest number of patches (27) followed by Windows Server 2019 (25) and Windows 10 1709 (23) comes in a close-ish 3rd.
All users are strongly advised to check all systems for updates and ensure that they are applied ASAP. A restart within the next 24 hours is advised.
As usual, with a Microsoft Update we expect an update from Adobe covering vulnerabilities in Media Encoder, Flash Player, Acrobat, Acrobat Reader, Bridge CC to name a few.
If you have any Adobe products, please check for updates.
If you are still using Adobe Flash Player or Adobe Shockwave by choice, you may have some life decisions to reconsider.
Not to be left out of the update party, Apple has decided that will bring updates to iOS (12.3), MacOS (10.14.5), tvOS (12.3) and watchOS (5.2.1).
These updates address security issues as well as package in additional functionality.
Now the cool kids have something to update with the rest of us.
Citrix Workspace app and Receiver for Windows have had a remote code execution vulnerability patched that could allow an attacker read/write access to a local drive.
If you use either application from Citrix, please check and apply updates found in the official bulletin. (https://support.citrix.com/article/CTX251986)
Debian has released updates for ghostscript and symphony. Go apt-get update/upgrade as soon as you can.
Updates for python, ruby, java, bind, thunderbird and others are now available for RedHat.
There have been a few bad emails getting around. Most of them are obvious with a couple needing a close look.
The same rule applies : If in doubt, let Ben sort it out.