brightness_6 Good Afternoon

Welcome user! NYC Geeks is the premier computer repair and technology service provider for homes and businesses in the New York metropolitan area.

Request Support live_help
Technology News view_quilt
Security Alerts https
  • VMware Releases Security Updates for Workstation, Fusion:
    Original release date: January 11, 2018

    VMware has released security updates to address vulnerabilities in VMware Workstation and Fusion. An attacker could exploit these vulnerabilities to take control of an affected system.

    NCCIC/US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0005 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Juniper Networks Releases Security Updates:
    Original release date: January 11, 2018

    Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    NCCIC/US-CERT encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:

    • ScreenOS: Etherleak vulnerability found on ScreenOS device (CVE-2018-0014)
    • Junos Space Security Director and Log Collector: Multiple vulnerabilities resolved in 17.2R1 release
    • CTPView: Multiple Linux kernel vulnerabilities
    • Junos Space: Multiple vulnerabilities resolved in 17.2R1 release
    • Junos OS: OpenSSH Memory exhaustion due to unregistered KEXINIT handler (CVE-2016-8858)
    • SRX Series: Firewall bypass vulnerability when UUID with leading zeros is configured. (CVE-2018-0009)
    • Junos: commit script may allow unauthenticated root login upon reboot (CVE-2018-0008)
    • Junos: bbe-smgd process denial of service while processing VLAN authentication requests/rejects (CVE-2018-0006)
    • Junos OS: MAC move limit configured to drop traffic may forward traffic. (CVE-2018-0005)
    • Junos OS: Kernel Denial of Service Vulnerability (CVE-2018-0004)
    • Junos OS: A crafted MPLS packet may lead to a kernel crash (CVE-2018-0003)
    • Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service. (CVE-2018-0007)
    • Junos OS: MX series, SRX series: Denial of service vulnerability in Flowd on devices with ALG enabled. (CVE-2018-0002)
    • Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001) Junos: Unauthenticated Remote Code Execution through J-Web interface (CVE-2018-0001)

    This product is provided subject to this Notification and this Privacy & Use policy.


  • VMware Releases Security Updates:
    Original release date: January 10, 2018

    VMware has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to obtain access to sensitive information.

    NCCIC/US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0004 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Microsoft Releases January 2018 Security Updates:
    Original release date: January 09, 2018

    Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

    US-CERT encourages users and administrators to review Microsoft's January 2018 Security Update Summary and Deployment Information and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Adobe Releases Security Updates for Flash Player:
    Original release date: January 09, 2018

    Adobe has released security updates to address a vulnerability in Flash Player. A remote attacker could exploit this vulnerability to obtain sensitive information.                 

    NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-01 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • MS-ISAC Releases Advisory on PHP Vulnerabilities:
    Original release date: January 09, 2018

    The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system.

    NCCIC/US-CERT encourages users and administrators to review MS-ISAC Advisory 2018-003 and the PHP Downloads page and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Apple Releases Multiple Security Updates:
    Original release date: January 08, 2018

    Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to obtain access to sensitive information.

    NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


    This product is provided subject to this Notification and this Privacy & Use policy.


  • VMware Releases Security Updates:
    Original release date: January 05, 2018

    VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client, and Tools. A remote attacker could exploit these vulnerabilities to take control of an affected system.

    NCCIC/US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0003 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Mozilla Releases Security Update:
    Original release date: January 04, 2018

    Mozilla has released a security update to address a vulnerability in Firefox. An attacker could exploit this vulnerability to obtain access to sensitive information.

    NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory and update to Firefox 57.0.4.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Meltdown and Spectre Side-Channel Vulnerabilities :
    Original release date: January 03, 2018 | Last revised: January 05, 2018

    US-CERT is aware of a set of security vulnerabilities—known as Meltdown and Spectre—that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.

    Users and administrators are encouraged to review Vulnerability Note VU#584653, Microsoft's Advisory, and Mozilla's blog post for additional information and refer to their OS vendor for appropriate patches.

    US-CERT is not aware of any active exploitation at this time. Additional information as it becomes available will be available on the following webpage: https://www.us-cert.gov/Meltdown-Spectre-Guidance


    This product is provided subject to this Notification and this Privacy & Use policy.


  • :
  • :
  • :
  • :
  • :
  • :
  • :
  • :
  • :
  • :
  • Security Alerts