Google has released Chrome version 86.0.4240.198 for Windows, Mac, and Linux. This version addresses CVE-2020-16013 and CVE-2020-16017. An attacker could exploit one of these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild. Therefore, Bhutan Computer Incident Response Team recommends that users and administrators review the following resources and apply the necessary updates. Google Chrome Release; Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory 2020-154...

Open source SIEM with Wazuh and Elastic Stack

“Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance”, which, when integrated with Elastic Stack, enhances visualization and reporting. If you are looking for an open source SIEM solution and struggling with installation, feel free to use the guide Wazuh with Elastic Stack Guide. This guide has been prepared following the official Wazuh installation documentation....

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

Microsoft has released security updates to address remote code execution vulnerabilities affecting Windows Codecs Library and Visual Studio Code. An attacker could exploit these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends that users and administrators review the Microsoft security advisories for CVE-2020-17022 and CVE-2020-17023 and apply the necessary updates....

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends that users and administrators review the Juniper Networks security advisories page and apply the necessary updates....

Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability

Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. Therefore, Bhutan Computer Incident Response Team recommends that users and administrators review Microsoft’s Security Advisory for more information and apply the necessary updates or workaround....