Other official information and services: www.belgium.be

Advisories

Bluekeep: Windows RDP Remote Code Execution Vulnerability

15/05/2019

Advisory

CERT.be recommends administrators to update their Microsoft Windows systems with the latest available patches as soon as possible:

PHP Phar deserialization protection mechanism bypass

10/05/2019

Advisory

CERT.be recommends system administrators to update their product to the latest version:

Zero day remote code execution in Oracle WebLogic Server

26/04/2019

Advisory

Oracle has released a patch and revised their critical security patches bundle of april. CERT.be recommends administrators to patch vulnerable systems after thorough testing.

Local Privilege escalation vulnerability in Windows OS

17/04/2019

Advisory

CERT.be recommends administrators to update their Windows with the latest available patches. They can be found here:

Nagios XI 5.5.10: XSS to root RCE

15/04/2019

Advisory

Upgrade to Nagios XI 5.5.11 or above.

Upgrade Nagios IM component to version 2.2.7 or above.

Multiple vulnerabilities in Apache Httpd

03/04/2019

Advisory

CERT.be recommends administrators to update their Apache version to the latest available version.

Shadowhammer

28/03/2019

Advisory

Run the ASUS diagnostic utility to determine whether your system has been affected.

Highly Critical BIND Vulnerability

22/02/2019

Advisory

CERT.be recommends administrators to update their BIND version.

Both BIND 9.11.5-P4 and BIND 9.11.5-P4 include a fix for the memory leak.
If patching is not possible immediately, there are no other known mitigations.

Highly Critical Drupal Remote Execution

22/02/2019

Advisory

CERT.be recommends administrator to update their Drupal version.