* Thu Aug 15 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> – 1.8.8-1
– Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
– pypi_source constructed manually according to project/name case inconsistency
– only require legacy-cgi on on systems where it’s present
– remove python3.9 patch (applied upstream)
* Thu Aug 15 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> – 1.8.8-1
– Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
– pypi_source constructed manually according to project/name case inconsistency
– only require legacy-cgi on on systems where it’s present
– remove python3.9 patch (applied upstream)
What are the Vulnerabilities?Threat actors are exploiting multiple zero-day vulnerabilities that were recently disclosed on the Microsoft Security Patch Tuesday- August, 2024. The six actively exploited zero-day vulnerabilities were also added to CISA’s Known Exploited Vulnerabilities catalog (KEV) after the disclosure. [August 2024 Security Updates- Release Notes- Microsoft]• CVE-2024-38189: Microsoft Project Remote Code Execution Vulnerability• CVE-2024-38178: Microsoft Windows Scripting Engine Memory Corruption Vulnerability• CVE-2024-38213: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability• CVE-2024-38193: Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability• CVE-2024-38106: Microsoft Windows Kernel Privilege Escalation Vulnerability• CVE-2024-38107: Microsoft Windows Power Dependency Coordinator Privilege Escalation VulnerabilityWhat is the recommended Mitigation?Microsoft has released security updates for these actively exploited vulnerabilities along with other publicly disclosed vulnerabilities. Please see Appendix for the Individual Microsoft Security update guide.What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by Microsoft immediately to secure their systems.FortiGuard Endpoint Vulnerability Service provides a systematic and automated method of patching applications on an endpoint, eliminating manual processes while reducing the attack surface.Endpoint Vulnerability | FortiGuard LabsFortiGuard IPS Signatures are available for protection against the exploitation of vulnerabilities where applicable. Intrusion Prevention | CVE-2024-38178 Intrusion Prevention | CVE-2024-38193Intrusion Prevention | CVE-2024-38106The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-37399.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-38653.