Other official information and services: www.belgium.be

Advisories

Local Privilege escalation vulnerability in Windows OS

17/04/2019

Advisory

CERT.be recommends administrators to update their Windows with the latest available patches. They can be found here:

Nagios XI 5.5.10: XSS to root RCE

15/04/2019

Advisory

Upgrade to Nagios XI 5.5.11 or above.

Upgrade Nagios IM component to version 2.2.7 or above.

Multiple vulnerabilities in Apache Httpd

03/04/2019

Advisory

CERT.be recommends administrators to update their Apache version to the latest available version.

Shadowhammer

28/03/2019

Advisory

Run the ASUS diagnostic utility to determine whether your system has been affected.

Highly Critical BIND Vulnerability

22/02/2019

Advisory

CERT.be recommends administrators to update their BIND version.

Both BIND 9.11.5-P4 and BIND 9.11.5-P4 include a fix for the memory leak.
If patching is not possible immediately, there are no other known mitigations.

Highly Critical Drupal Remote Execution

22/02/2019

Advisory

CERT.be recommends administrator to update their Drupal version.

Exchange NTLM relaying flaw

29/01/2019

Advisory

CERT.be recommends users to follow the following steps to mitigate this attack as a patch is not yet available:

PHP PEAR Site hacked, official Package Manager replaced

24/01/2019

Advisory

The PEAR Team is actually rebuilding a ‘clean’ version of their website. Meanwhile it’s still possible to clone their GitHub repository, checking the tag of the release you want, cd and install.

RCE Vulnerability in Windows Internet Explorer 9 through 11 (CVE-2018-8653)

11/01/2019

Advisory

CERT.be recommends to apply the Windows patches as soon as you can.