We found design flaw/weakness in Java Usage Tracker that can enable hackers to create arbitrary files, inject attacker-specified parameters, and elevate local privileges. In turn, these can be chained and used to escalate privileges in order to access resources in affected systems that are normally protected or restricted to other applications or users.
We’ve worked with Oracle through our Zero Day Initiative to patch this flaw, and this has been fixed via Oracle’s October patch update. Users and businesses are accordingly urged to patch and update their version of Java.
In this blog post, we will delve into how this flaw works on Windows — how Java Usage Tracker works and defining the conditions that enabled the exploit.
The post CVE-2018-3211: Java Usage Tracker Local Elevation of Privilege on Windows appeared first on .
Headquartered in Nashville, Tennessee, Crosslin Technologies is a fast-growing managed services provider (MSP) that has been serving a wide range of small and medium businesses since 2014. Director of Information Technology Steve Moore shares, “We built the business from the ground up as an MSP focused on security. Our team brings an extensive background in managed IT and security. We are also veterans, and our military backgrounds provide a level of discipline, professionalism, and courtesy that enables us to offer a great customer experience with a continued focus on building a strong business.”
Independent lab AV-Comparatives focuses on one thing and one thing only — constant, regular tests of the leading antivirus software on the market. After putting each brand’s software suite through its paces, the lab then publishes the results in easy-to-read reports aimed at helping consumers make informed decisions in choosing the cybersecurity that’s right for them. This week, AV-Comparatives published result reports from three studies, and Avast software was tested in each of them.
UPDATE 10/16: We have released the Windows 10 October 2018 Update Build 17763.104 (KB4464455) to Windows Insiders in the Slow and Release Preview rings. This Cumulative Update contains the following fixes:
We have fixed the issue where the incorrect details were being shown in Task Manager under the “Processes” tab.
We fixed an issue where in certain cases IME would not work in the first process of a Microsoft Edge user session.
We fixed an issue where in some cases applications would become unresponsive after resuming from Connected Standby.
We fixed several issues causing application compatibility problems with 3rd-party antivirus and virtualization products.
We fixed several issues with driver compatibility.
Nous avons résolu le problème d'affichage avec des détails incorrects dans le Gestionnaire des tâches sous l'onglet «Processus».
Nous avons corrigé un problème qui empêchait parfois l'IME de fonctionner dans le premier processus d'une session d'utilisateur Microsoft Edge.
Nous avons corrigé un problème où, dans certains cas, les applicationsne répondaient plus après avoir quitté l'état de Veille Connectée (Connected Standby).
Nous avons résolu plusieurs problèmes posant des problèmes de compatibilité des applications avec des produits antivirus et de virtualisation tiers.
Nous avons corrigé plusieurs problèmes de compatibilité avec des pilotes.
The tech world evolves. The ones who wear black hats get smarter, and the ones who wear white hats get even smarter. Using AI, machine learning, and the big data of our vast network, we’re proud to be forerunners in the latter category, staying a step ahead of the cybercrime underworld. We not only test our products rigorously in our own labs, but we submit them for objective third-party evaluations to learn where we can improve. Reviews have been favorable throughout 2018 and we continue to offer the best free and most competitive and feature rich antivirus products on the market.
Avast Free Antivirus 2018 for Windows received Top Product from AV-Test. The Avast 2019 product line-up adds on more features.