Saturday, February 27, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Adobe releases out-of-band update to patch ColdFusion zero-day

March 1, 2019
in Internet Security
Adobe releases out-of-band update to patch ColdFusion zero-day
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Adobe has released today an emergency out-of-band update for its ColdFusion development platform that patches a zero-day vulnerability that was being exploited in the wild.

In its security bulletin that was just sent out, Adobe described the vulnerability as a “file upload restriction bypass” and gave it a rating of “critical.”

You might also like

Oxford University lab with COVID-19 research links targeted by hackers

Fastest VPN in 2021 | ZDNet

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

“This attack requires the ability to upload executable code to a web-accessible directory, and then execute that code via an HTTP request. Restricting requests to directories where uploaded files are stored will mitigate this attack,” Adobe said.

The zero-day, tracked as CVE-2019-7816, impacts the current three versions of the ColdFusion platform that are still maintained — ColdFusion 11, 2016, and 2018.

Adobe released the ColdFusion 11 Update 18, ColdFusion 2016 Update 10, and ColdFusion 2018 Update 3 versions to patch the bug. The company said all previous versions are vulnerable to this attack.

The software maker’s usual patch day this month would have been on March 12, on the same day as Microsoft’s Patch Tuesday.

Adobe credited five researchers for finding the zero-day –Charlie Arehart, Moshe Ruzin, Josh Ford, Jason Solarek, and Bridge Catalog Team. All are ColdFusion developers and support specialists, and not security researchers, the type of people who usually discover and report active zero-day exploitation.

Back in November, a Chinese nation-state cyber-espionage group exploited a similar ColdFusion file upload vulnerability to take over vulnerable servers on which owners did not apply Adobe’s September 2018 security updates.

Adobe did not reveal how today’s zero-day was exploited in the wild.

Related cybersecurity news coverage:

Credit: Source link

Previous Post

Bayesian Probability - Data Science Central

Next Post

Predicting T Cell Receptor Specificity with Deep Learning

Related Posts

Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
Internet Security

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

February 27, 2021
Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Go malware is now common, having been adopted by both APTs and e-crime groups
Internet Security

Go malware is now common, having been adopted by both APTs and e-crime groups

February 27, 2021
Next Post
Predicting T Cell Receptor Specificity with Deep Learning

Predicting T Cell Receptor Specificity with Deep Learning

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Oxford University lab with COVID-19 research links targeted by hackers
Internet Security

Oxford University lab with COVID-19 research links targeted by hackers

February 27, 2021
The Education Industrial Complex: The Hammer We Have
Data Science

The Education Industrial Complex: The Hammer We Have

February 27, 2021
New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

New AI Machine Learning Reduces Mental Health Misdiagnosis

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market
Data Science

Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market

February 27, 2021
MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company
Machine Learning

MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Oxford University lab with COVID-19 research links targeted by hackers February 27, 2021
  • The Education Industrial Complex: The Hammer We Have February 27, 2021
  • New AI Machine Learning Reduces Mental Health Misdiagnosis February 27, 2021
  • Fastest VPN in 2021 | ZDNet February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates