Cybercriminals are actively exploiting two vulnerabilities in Microsoft products
As part of Microsoft’s monthly Patch Tuesday, the company has addressed 87 vulnerabilities across various products. Among them are 23 remote code execution vulnerabilities. Two of the flaws are already being actively exploited in attacks.
One of the actively exploited vulnerabilities, CVE-2023-36884, was publicly disclosed before a patch was released. It allows specially crafted Office documents to bypass Microsoft security features and execute malicious code in the target system. The other vulnerability being exploited affects software for code development.
To protect your devices, be sure to install the latest update as soon as possible. For more details, visit the Microsoft support pages for Windows, Office, and Outlook.
One of the actively exploited vulnerabilities, CVE-2023-36884, was publicly disclosed before a patch was released. It allows specially crafted Office documents to bypass Microsoft security features and execute malicious code in the target system. The other vulnerability being exploited affects software for code development.
To protect your devices, be sure to install the latest update as soon as possible. For more details, visit the Microsoft support pages for Windows, Office, and Outlook.
Addis Ababa University- Cisco Networking Academy,
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: July 27 to September 01, 2023
Class start date: September 02, 2023.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that will be accepted in USA, Canada, and Europe, and trainees will award 58% discount voucher for CCNA industry certification exam.
Phone #: 0945-039478/ 0935-602563/ 0902340070/ 011-1-260194 / Office Tel: 011-1-260194
Follow our telegram channel: @CiscoExams
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: July 27 to September 01, 2023
Class start date: September 02, 2023.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that will be accepted in USA, Canada, and Europe, and trainees will award 58% discount voucher for CCNA industry certification exam.
Phone #: 0945-039478/ 0935-602563/ 0902340070/ 011-1-260194 / Office Tel: 011-1-260194
Follow our telegram channel: @CiscoExams
Zero-day vulnerability in Android being exploited in the wild
Google has released a security update for Android that patches a total of 33 vulnerabilities. Among them is a zero-day bug, which may already be being actively exploited in attacks – CVE-2023-35674. It allows cybercriminals to elevate their privileges in the target system without the need for any actions from the user.
Besides CVE-2023-35674, the update patches four critical security issues, all of which can allow threat actors to execute malicious code on a vulnerable device. As in the previous case, no user interaction or additional privileges are needed for cybercriminals to carry out an attack.
To protect your Android device, ensure your operating system is up to date. Android installs most security updates automatically. For instructions on how to manually check for and install updates – see Google support.
https://source.android.com/docs/security/bulletin/2023-09-01
Google has released a security update for Android that patches a total of 33 vulnerabilities. Among them is a zero-day bug, which may already be being actively exploited in attacks – CVE-2023-35674. It allows cybercriminals to elevate their privileges in the target system without the need for any actions from the user.
Besides CVE-2023-35674, the update patches four critical security issues, all of which can allow threat actors to execute malicious code on a vulnerable device. As in the previous case, no user interaction or additional privileges are needed for cybercriminals to carry out an attack.
To protect your Android device, ensure your operating system is up to date. Android installs most security updates automatically. For instructions on how to manually check for and install updates – see Google support.
https://source.android.com/docs/security/bulletin/2023-09-01
👆Price info - Check the above image👆
Addis Ababa University - Cisco Networking Academy,
@CiscoExams www.netacad.com www.cisco.com
👉 Online Instructor-led - CCNP Enterprise Core Training & Certification Preparation.
Registration Date: Sept 18 to Oct 13, 2023
Start date: October 14, 2023.
👉 Course Recognitions: Trainees will receive CCNP Course Recognition including Certificate of Completion, Letter of Merit, Digital Badge that will be used and accepted in USA, Canada, and Europe.
https://www.netacad.com/courses/networking/ccnp-enterprise-core-networking
Phone #: 0945-039478/ 0935-602563/ 0902340070/ 011-1-260194 / Office Tel: 011-1-260194
Telegram channel: @CiscoExams
Addis Ababa University - Cisco Networking Academy,
@CiscoExams www.netacad.com www.cisco.com
👉 Online Instructor-led - CCNP Enterprise Core Training & Certification Preparation.
Registration Date: Sept 18 to Oct 13, 2023
Start date: October 14, 2023.
👉 Course Recognitions: Trainees will receive CCNP Course Recognition including Certificate of Completion, Letter of Merit, Digital Badge that will be used and accepted in USA, Canada, and Europe.
https://www.netacad.com/courses/networking/ccnp-enterprise-core-networking
Phone #: 0945-039478/ 0935-602563/ 0902340070/ 011-1-260194 / Office Tel: 011-1-260194
Telegram channel: @CiscoExams
👉 Two zero-day vulnerabilities in Edge, Teams, and Skype being exploited in attacks
Microsoft has released emergency security updates for Edge, Teams and Skype, as well as Webp Image Extensions for Edge. The updates patch two zero-day vulnerabilities that are already being exploited by attackers.
One flaw (CVE-2023-4863) affects an open-source libwebp library used by these products. Cybercriminals create malicious web pages that, when accessed by the browser, can cause crashes, corrupt data, and allow threat actors to run malicious code in vulnerable systems. The second (CVE-2023-5217) is a flaw in libvpx, another open-source library, which is used by video-player software and online streaming services. As in the previous case, attackers create malicious web pages that can cause crashes and arbitrary code execution when accessed by the browser.
To protect your devices, be sure to install the updates as soon as possible. For instructions, see the Microsoft Support pages for Edge, Teams and Skype. Note that while the Microsoft Store will automatically update all users affected by the vulnerability in Webp Image Extensions, the security update will not be installed if Microsoft Store automatic updates are disabled. Visit the Microsoft Store to update the application
https://msrc.microsoft.com/blog/2023/10/microsofts-response-to-open-source-vulnerabilities-cve-2023-4863-and-cve-2023-5217/
Microsoft has released emergency security updates for Edge, Teams and Skype, as well as Webp Image Extensions for Edge. The updates patch two zero-day vulnerabilities that are already being exploited by attackers.
One flaw (CVE-2023-4863) affects an open-source libwebp library used by these products. Cybercriminals create malicious web pages that, when accessed by the browser, can cause crashes, corrupt data, and allow threat actors to run malicious code in vulnerable systems. The second (CVE-2023-5217) is a flaw in libvpx, another open-source library, which is used by video-player software and online streaming services. As in the previous case, attackers create malicious web pages that can cause crashes and arbitrary code execution when accessed by the browser.
To protect your devices, be sure to install the updates as soon as possible. For instructions, see the Microsoft Support pages for Edge, Teams and Skype. Note that while the Microsoft Store will automatically update all users affected by the vulnerability in Webp Image Extensions, the security update will not be installed if Microsoft Store automatic updates are disabled. Visit the Microsoft Store to update the application
https://msrc.microsoft.com/blog/2023/10/microsofts-response-to-open-source-vulnerabilities-cve-2023-4863-and-cve-2023-5217/
Microsoft
Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217 | MSRC Blog
| Microsoft Security…
| Microsoft Security…
Google has released a security update for Android, fixing a full 37 vulnerabilities in the operating system. One of them is rated critical. Updates apply to security flaws in system, framework, and processing components.
CVE-2023-40113 – the critical issue – could give cybercriminals access to sensitive user information. To successfully exploit the vulnerability, they wouldn’t need any additional privileges in the target system.
To protect your devices, make sure your operating system is up to date. Android installs most security updates automatically. For instructions on how to manually check for and install updates – see Google support. Note that Android versions 10 and below are no longer supported.
https://source.android.com/docs/security/bulletin/2023-11-01
https://support.google.com/android/answer/7680439?hl=en
CVE-2023-40113 – the critical issue – could give cybercriminals access to sensitive user information. To successfully exploit the vulnerability, they wouldn’t need any additional privileges in the target system.
To protect your devices, make sure your operating system is up to date. Android installs most security updates automatically. For instructions on how to manually check for and install updates – see Google support. Note that Android versions 10 and below are no longer supported.
https://source.android.com/docs/security/bulletin/2023-11-01
https://support.google.com/android/answer/7680439?hl=en
Google
Check & update your Android version - Android Help
You can find your device's Android version number, security update level, and Google Play system level in your Settings app. You'll get notifications when updates are available for your device. You ca
Cisco Certified Network Associate (CCNA) training is recommended for several reasons:
Foundational Knowledge: CCNA training covers fundamental networking concepts, including TCP/IP, subnetting, routing, switching, and basic security principles. This foundational knowledge is essential for understanding more advanced networking technologies and concepts.
Industry Recognition: The CCNA certification is widely recognized and respected in the IT industry. Holding a CCNA demonstrates to employers that you have a solid understanding of networking fundamentals and are capable of working with Cisco networking equipment.
Career Opportunities: Many entry-level networking positions require or prefer candidates with CCNA certification. By obtaining the CCNA certification, you increase your chances of securing roles such as network administrator, network technician, or technical support engineer.
Preparation for Advanced Certifications: The CCNA serves as a stepping stone to more advanced Cisco certifications, such as the CCNP (Cisco Certified Network Professional) or CCIE (Cisco Certified Internetwork Expert). The knowledge and skills gained through CCNA training provide a solid foundation for pursuing these higher-level certifications.
Hands-on Experience: CCNA training often includes hands-on labs and simulations that allow you to practice configuring Cisco routers and switches in a controlled environment. This practical experience is invaluable for developing real-world networking skills.
Stay Updated with Technology: Cisco regularly updates its certification exams to reflect changes in networking technology and best practices. By pursuing CCNA training, you ensure that your knowledge is up-to-date with the latest industry standards and trends.
Personal and Professional Growth: Obtaining CCNA certification demonstrates your commitment to professional development and can boost your confidence in your networking abilities. It opens up opportunities for personal and professional growth within the IT industry.
Overall, CCNA training is recommended for individuals looking to start or advance their careers in networking. Whether you're new to the field or a seasoned professional, CCNA certification can provide you with the knowledge, skills, and credentials needed to succeed in the ever-changing world of IT networking.
Foundational Knowledge: CCNA training covers fundamental networking concepts, including TCP/IP, subnetting, routing, switching, and basic security principles. This foundational knowledge is essential for understanding more advanced networking technologies and concepts.
Industry Recognition: The CCNA certification is widely recognized and respected in the IT industry. Holding a CCNA demonstrates to employers that you have a solid understanding of networking fundamentals and are capable of working with Cisco networking equipment.
Career Opportunities: Many entry-level networking positions require or prefer candidates with CCNA certification. By obtaining the CCNA certification, you increase your chances of securing roles such as network administrator, network technician, or technical support engineer.
Preparation for Advanced Certifications: The CCNA serves as a stepping stone to more advanced Cisco certifications, such as the CCNP (Cisco Certified Network Professional) or CCIE (Cisco Certified Internetwork Expert). The knowledge and skills gained through CCNA training provide a solid foundation for pursuing these higher-level certifications.
Hands-on Experience: CCNA training often includes hands-on labs and simulations that allow you to practice configuring Cisco routers and switches in a controlled environment. This practical experience is invaluable for developing real-world networking skills.
Stay Updated with Technology: Cisco regularly updates its certification exams to reflect changes in networking technology and best practices. By pursuing CCNA training, you ensure that your knowledge is up-to-date with the latest industry standards and trends.
Personal and Professional Growth: Obtaining CCNA certification demonstrates your commitment to professional development and can boost your confidence in your networking abilities. It opens up opportunities for personal and professional growth within the IT industry.
Overall, CCNA training is recommended for individuals looking to start or advance their careers in networking. Whether you're new to the field or a seasoned professional, CCNA certification can provide you with the knowledge, skills, and credentials needed to succeed in the ever-changing world of IT networking.
Addis Ababa University- Cisco Networking Academy,
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: Feb.12 to March 22, 2024
Class start date: March 23, 2024.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that recognized and accepted in USA, Canada, and Europe, and you will award 58% CCNA certification exam discount voucher.
Mobile #: 0902-340070/0935-602563/ 0945-039478/
Office : 011-1-260194
Follow our telegram channel: @CiscoExams
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: Feb.12 to March 22, 2024
Class start date: March 23, 2024.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that recognized and accepted in USA, Canada, and Europe, and you will award 58% CCNA certification exam discount voucher.
Mobile #: 0902-340070/0935-602563/ 0945-039478/
Office : 011-1-260194
Follow our telegram channel: @CiscoExams
Dear Cisco Graduates
Cisco recorded classes and shared materials dedicated for registered students and only for personal use.
Please don't share resources on social media and others.
Thank you for your cooperation.
Regards
Cisco recorded classes and shared materials dedicated for registered students and only for personal use.
Please don't share resources on social media and others.
Thank you for your cooperation.
Regards
Addis Ababa University- Cisco Networking Academy,
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: Feb.12 to March 29, 2024
Class start date: March 30, 2024.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that recognized and accepted in USA, Canada, and Europe, and you will award 58% CCNA certification exam discount voucher.
Mobile #: 0902-340070/0945-039478/ 0935-602563/
Office : 011-1-260194
Follow our telegram channel: @CiscoExams
@CiscoExams www.netacad.com www.cisco.com
Online Live class - Cisco CCNA Professional Networking Course Training & Certification Preparation.
Registration Date: Feb.12 to March 29, 2024
Class start date: March 30, 2024.
Course Recognitions: CCNA trainees will receive 3 Certificate of Completion, 3 Letter of Merit, 3 Digital Badge that recognized and accepted in USA, Canada, and Europe, and you will award 58% CCNA certification exam discount voucher.
Mobile #: 0902-340070/0945-039478/ 0935-602563/
Office : 011-1-260194
Follow our telegram channel: @CiscoExams