Security News

A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports. Designed to allow users to run programs with the security privileges of another user, Sudo is present in major Unix- and Linux-based operating systems.

A vulnerability in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged local user to gain root privileges on a vulnerable host. "This vulnerability is perhaps the most significant sudo vulnerability in recent memory and has been hiding in plain sight for nearly 10 years," said Mehul Revankar, Vice President Product Management and Engineering, Qualys, VMDR, noting that there are likely to be millions of assets susceptible to it.

This month Google engineers have fixed a severe remote code execution vulnerability in the Go language. The RCE vulnerability, CVE-2021-3115, mainly impacts Windows users of Go running the go get command, due to the default behavior of Windows PATH lookups.

One of the vulnerabilities that Microsoft addressed on January 2021 Patch Tuesday could allow an attacker to relay NTLM authentication sessions and then execute code remotely, using a printer spooler MSRPC interface. Tracked as CVE-2021-1678, the vulnerability has been described by Microsoft as an NT LAN Manager security feature bypass, and is rated important for all affected Windows versions, namely, Windows Server, Server 2012 R2, Server 2008, Server 2016, Server 2019, RT 8.1, 8.1, 7, and 10.

The fourth vulnerability was quite interesting, since it re-appeared at the start of the pandemic when Zoom was under increased usage. Two years later I received a message saying the vulnerability had been fixed, and could I spend my free time checking whether the fix was good?

Drupal has released a security update to address a critical vulnerability in a third-party library with documented or deployed exploits available in the wild. "The Drupal project uses the pear Archive Tar library, which has released a security update that impacts Drupal," the Drupal security team said.

Security updates released this week by the developers of the Drupal content management system patch a vulnerability identified in a third-party library. Core patches were made available for Drupal 9.1, 9.0, 8.9, and 7 to resolve a security flaw affecting PEAR Archive Tar that also impacts Drupal.

Google has released Chrome 88 to the stable channel with several security improvements, including patches for 36 vulnerabilities, one of which is rated critical severity, and has dropped support for Adobe Flash. Chrome 88 also arrived with improved password protections, including a check that helps users identify weak passwords and immediately act upon the issue, to ensure better protection of their accounts.

Below is a list of DNSPooq/dnsmasq advisories released by different vendors. The CERT Coordination Center is also maintaining a list of advisories shared with them.

So how do we solve this problem? It begins with a better vulnerability management system, a refocused commitment to cloud application security best practices and a realignment of our current security posture with the specific requirements of the cloud. Vulnerability assessments are conducted periodically to evaluate the existing security posture and help inform any necessary changes to the vulnerability management action plan.