Advisories & Alerts

[SingCERT] Alert on Vulnerability in runc container runtime (CVE-2019-5736) 15 February 2019

A high severity vulnerability (CVE-2019-5736 with a CVSS score 7.2) was reported in runc, an open-source container runtime that supports Docker and associated container engines such as containerd and CRI-O

The flaw allows an attacker to perform a container escape and attack the host operating system by running a malicious image with minimal user interaction.

[SingCERT] Alert on Microsoft February 2019 Patch Tuesday 13 February 2019

Microsoft has announced the release of over 70 security patches to address vulnerabilities affecting its operating system and products.

A total of 21 vulnerabilities were rated critical and require immediate attention.

[SingCERT] Alert on DNS Flag Day 01 February 2019

Domain Name System (DNS) infrastructure operators and Internet service providers are taking part in the first DNS Flag Day on 1 February 2019. This is a global initiative to promote the use of Extension Mechanism Protocol for DNS (EDNS) where participants, software and service providers such as Google and Cloudflare, are going to remove non-standard DNS workarounds.

[SingCERT] Alert on Linux Advanced Package Tool (APT) Remote Code Execution Vulnerability (CVE-2019-3462) 24 January 2019

A vulnerability (CVE-2019-3462) in the Linux Advanced Package Tool (APT) has been discovered. Successful exploitation of the vulnerability could result in arbitrary code execution with access to privileged administrator “root” on affected Linux systems. APT is a widely used utility that handles installation, update, upgrade and removal of software across many Linux operating system distributions. This vulnerability has been given a Common Vulnerability Score System version 3 severity base score of 8.1 out of 10.

[SingCERT] Advisory on Mitigating DNS Records Tampering 24 January 2019

On 22 Jan 19, the US Department of Homeland Security - Cybersecurity and Infrastructure Security Agency - published an Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering” [1] in response to a recent series of incidents involving the tampering of Domain Name System (DNS) records belonging to government agencies and civilian entities across the globe.

[SingCERT] Advisory on Vulnerability for Android ES File Explorer Application (CVE-2019-6447) 18 January 2019

On 17 January, a security researcher found a vulnerability in an Android application known as “ES File Explorer File Manager” (CVE-2019-6447). The application is commonly used for managing files on devices running the Android operating system.

The application only needs to be run once for the vulnerability to be active. Once launched, the application starts a web server on port number 59777 in the background, and allows attackers on the same network to gain access and download files that are stored in the compromised device.

[SingCERT] Alert on Oracle Critical Patch Update Advisory for Administrators 16 January 2019

Oracle has released a critical patch update comprising 284 security patches for over 30 of its products.

Many of the 284 vulnerabilities are remotely exploitable without authentication; for instance, an attacker could gain access into a network without using any user credentials.

[SingCERT] Alert on Microsoft January 2019 Patch Tuesday 10 January 2019

Microsoft has announced the release of over 50 security patches to address vulnerabilities affecting its operating system and other products. Seven vulnerabilities were identified as critical and required immediate attention.

Successful exploitation of these 7 critical vulnerabilities could allow remote code execution by attackers. The vulnerabilities include:

[SingCERT] Advisory on E-mail Extortion Scam 03 January 2019

SingCERT has received a number of reports of e-mail extortion scams asking victims for money in return for not publicly disclosing “private and confidential” information about the victims. These cases bear similarities in modus operandi to reported cases in an advisory - https://www.facebook.com/56706929407/posts/10158120541014408/ issued by the Singapore Police Force on 31 December 2018.

[SingCERT] Alert on Microsoft Scripting Engine Memory Corruption Vulnerability CVE-2018-8653 21 December 2018

Microsoft has released an out-of-band security update to address a critical vulnerability discovered in its Internet Explorer (IE) software. This memory corruption vulnerability (CVE-2018-8653) affects IE when browsing websites that utilise the JScript as the scripting engine.