SAT News: Flash Zero Day, McAfee AV Vulnerability, MiKey Linux Keylogger

Nuspire Security Analytics Team news to cover multiple different vulnerabilities.

First things first, Adobe patches another slew of vulnerabilities (17) including one Zero-day bug that is being actively exploited in the wild. Adobe is aware of CVE-2016-7892 and that it is targeting users running Internet Explorer 32-bit on Windows machines. If Flash Player is not needed for business operation we recommend removing this program from machines or restricting use to only be allowed from trusted hosts.

Multiple vulnerabilities in McAfee's VirusScan Enterprise for Linux have been discovered that can lead to remote code execution as root. The CVE's include:

CVE-2016-8016: Remote Unauthenticated File Existence Test

These vulnerabilities exist in versions 1.9.2 through 2.0.2.

And finally we have a new discovery with the name MiKey, a linux keylogger. Discovered today 12/14/2016 there is currently a 0% Anti-Virus detection rate according to based on the SHA256: 9c07ed03f5bf56495e1d365552f5c9e74bb586ec45dffced2a8368490da4c829. Although there are no details as to whether or not this is being used in the wild, it does indeed exist and an in depth article can be found below.

Link to Adobe Patches.

Link to McAfee Vulnerability.

Link to MiKey.

Nuspire Insights

Nuspire Infographic

Contact Us


Nuspire Infographic

Contact Us