[ALERT] ADVISORY ON REMOTE CODE EXECUTION (CVE-2019-0232) IN APACHE TOMCAT

Submitted by irteam on Mon, 04/15/2019 - 21:12

Background

Apache Software Foundation has released security updates for Apache Tomcat to address vulnerability. A Remote Code Execution vulnerability (CVE-2019-0232) resides in the Common Gateway Interface (CGI) Servlet when running on Windows with enableCMDLineArguments enabled. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.

Affected System

  1. Apache Tomcat 9.0.0.M1 to 9.0.17
  2. Apache Tomcat 8.5.0 to 8.5.39
  3. Apache Tomcat 7.0.0. to 7.0.93

Recommendations

Microsoft released April 2019 Security Updates

Submitted by irteam on Thu, 04/11/2019 - 21:10

Microsoft has released April 2019 Security Updates to address vulnerabilities in its Windows Operating System and other products in which 13 of it are rated critical and the others are rated important in severity.

Users and System Administrators are highly recommended to install the latest security patches to avoid hackers or cybercriminals from taking control of their computers.