Voice recognition—and data collection—have boomed in recent years. Researchers are figuring out how to protect your privacy.

Your voice reveals more about you than you realize. To the human ear, your voice can instantly give away your mood, for example—it’s easy to tell if you’re excited or upset. But machines can learn a lot more: inferring your age, gender, ethnicity, socio-economic status, health conditions, and beyond. Researchers have even been able to generate images of faces based on the information contained in individuals’ voice data.

As machines become better at understanding you through your voice, companies are cashing in. Voice recognition systems—from Siri and Alexa to those using your voice as your password—have proliferated in recent years as artificial intelligence and machine learning have unlocked the ability to understand not just what you are saying but who you are. Big Voice may be a $20 billion industry within a few years. And as the market grows, privacy-focused researchers are increasingly searching for ways to protect people from having their voice data used against them.

Vocal Threats

Both the words you say and how you say them can be used to identify you, says Emmanuel Vincent, a senior research scientist specializing in voice technologies at France’s National Institute for Research in Digital Science and Technology (Inria), but this is only the beginning. “You will also find other pieces of information about your emotions or your medical condition,” Vincent says.

“These additional pieces of information help build a more complete profile—then this would be used for all sorts of targeted advertisements,” Vincent says. As well as your voice data potentially feeding into the vast realm of data used to show you online ads, there’s also the risk that hackers could access the location where your voice data is stored and use it to impersonate you. A small number of these cloning incidents have already happened, proving the value your voice holds. Simple robocall scams have also recorded people saying “yes” to use the confirmation in payment scams.

Last year, TikTok changed its privacy policies and started collecting the voiceprints—a loose term for the data your voice contains—of people in the US alongside other biometric data, such as your faceprint. More broadly, call centers are using AI to analyze people’s “behavior and emotion” during phone calls and evaluate the “tone, pace, and pitch of every single word” to develop profiles of people and increase sales. “We’re almost in a situation where the systems to recognize who you are and link everything together exist, but the protection is not there—and it’s still quite far away from being readily usable,” says Henry Turner, who researched the security of voice systems at the University of Oxford.

Hidden Meaning

Your voice is produced through a complex process involving the lungs and your voice box, throat, nose, mouth, and sinuses. More than a hundred muscles are activated when you speak, says Rébecca Kleinberger, a voice researcher at the MIT Media Lab. “It's also very much the brain,” Kleinberger says. 

Researchers are experimenting with four ways to enhance privacy for your voice, says Natalia Tomashenko, a researcher at Avignon University, France, who has been studying voice and is the first author of a research paper on the results of a voice privacy engineering challenge. None of the methods are perfect, but they are being explored as possible ways to boost privacy in the infrastructure processing your voice data.

First is obfuscation, which tries to completely hide who the speaker is. Think of a Hollywood depiction of a hacker totally distorting their voice over a phone call as they explain a devilish plot or ransom (or hacktivist collective Anonymous’s promotional videos). Simple voice-changing hardware allows anyone to quickly change the sound of their voice. More advanced speech-to-text-to-speech systems can transcribe what you’re saying and then reverse the process and say it in a new voice.

Second, Tomashenko says, researchers are looking at distributed and federated learning—where your data doesn’t leave your device but machine learning models still learn to recognize speech by sharing their training with a bigger system. Another approach involves building encrypted infrastructure to protect people’s voices from snooping. However, most efforts are focused on voice anonymization.

Anonymization attempts to keep your voice sounding human while stripping out as much of the information that could be used to identify you as possible. Speech anonymization efforts currently involve two separate strands: anonymizing the content of what someone is saying by deleting or replacing any sensitive words in files before they are saved and anonymizing the voice itself. Most voice anonymization efforts at the moment involve passing someone’s voice through experimental software that will change some of the parameters in the voice signal to make it sound different. This can involve altering the pitch, replacing segments of speech with information from other voices, and synthesizing the final output.

Does anonymization technology work? Male and female voice clips that were anonymized as part of the Voice Privacy Challenge in 2020 definitely do sound different. They’re more robotic, sound slightly pained and could—to some listeners at least—be from a different person than the original voice clips. “I think it can already guarantee a much higher level of protection than doing nothing, which is the current status,” says Vincent, who has been able to reduce how easy it is to identify people in anonymization research. However, humans aren’t the only listeners. Rita Singh, an associate professor in Carnegie Mellon University’s Language Technologies Institute, says that total de-identification of the voice signal is not possible, as machines will always have the potential to make links between attributes and individuals, even connections that aren’t clear to humans. “Is the anonymization with respect to a human listener or is it with respect to a machine listener?” says Shri Narayanan, a professor of electrical and computer engineering at the University of Southern California.

“True anonymization is not possible without completely changing the voice,” Singh says. “When you completely change the voice, then it's not the same voice.” Despite this, it is still worth developing voice-privacy technology, Singh adds, as no privacy or security system is totally secure. Fingerprints and face identification systems on iPhones have been spoofed in the past, but overall, they’re still an effective method of protecting people’s privacy.

Bye, Alexa

Your voice is increasingly being used as a way to verify your identity. For example, a growing number of banks and other companies are analyzing your voiceprints, with your permission, to replace your password. There’s also the potential for voice analysis to detect illness before other signs are obvious. But the technology to clone or fake someone’s voice is advancing quickly.

If you have a few minutes of someone’s voice recorded, or in some instances a few seconds, it’s possible to recreate that voice using machine learning—_The Simpsons’_ voice actors could be replaced by deep fake voice clones, for instance. And commercial tools for recreating voices are readily available online. “There’s definitely more work in speaker identification and producing speech to text and text to speech than there is in protecting people from any of those technologies,” Turner says.

Many of the voice anonymization techniques being developed at the moment are still a long way from being used in the real world. When they are ready to be used it’s likely that companies will have to implement tools themselves, to protect their customers' privacy—there’s currently little individuals can do to protect their own voice. Avoiding calls with call centers or companies that use voice analysis, and not using voice assistants, could limit how much your voice is recorded and reduce possible attack opportunities.

But the biggest protections may come from legal cases and protections. Europe’s GDPR covers biometric data, including people’s voices, in its privacy protections. Guidelines say people should be told how their data is being used and provide consent if they’re being identified, and that some restrictions should be placed on personalization. Meanwhile, in the US, courts in Illinois— home to some of the strongest biometric laws in the country—are increasingly inspecting cases involving people’s voice data. McDonald’s, Amazon, and Google are all facing judicial scrutiny over how they use people’s voice data. The decisions in these cases could lay down new rules for the protection of people’s voices.

The Race to Hide Your Voice

SAN DIEGO, May 31, 2022 /PRNewswire/ -- ESET, a global leader in cybersecurity, has announced a new suite of products for the Telecommunications and Internet Service Provider (Telco and ISP) industry, with the aim of offering extensive protection to consumers. Cybercrime is a borderless problem and ESET telemetry shows that the volume of cyberattacks is increasing, with a trend toward attacks against smartphones. ESET's newly launched NetProtect suite ensures that service providers and their end users have the tools they need to combat these advanced and evolving mobile threats.

**About the new ESET NetProtect products  
**The new offering includes ESET NetProtect for Mobile and ESET NetProtect for Mobile Advanced, which offer security via mobile networks, and ESET NetProtect for Home Advanced, which helps secure fixed network connections. These solutions protect customer devices connected to Telco and ISP networks (fixed or mobile) against malicious web domains or domain categories such as malware, phishing and potentially unwanted content. With ESET NetProtect Advanced (fixed or mobile), parents also have full control of their children's filters through Web Content Filter. The management portal for end users allows them to manage the ESET NetProtect settings of their connected devices, manage their domain whitelists and blacklists, and generate security reports, giving users an insight into how ESET protects their devices as well as summary information about detected threats, blocked webpages and more.

Thanks to easy integration into Telco and ISP network services and existing activation processes, network-level solutions do not require any software installation on end user devices, and are compatible with both Android and iOS. The solutions are provided as a one-click service activation from the users' trusted internet provider and automatically provide protection to any connected device. Security tailored to customers' needs is ensured by offering robust local customer and partner support coverage along with comprehensive protection that is a step ahead of online threats via ESET's first access to a unique set of malware detected and pooled at a worldwide network of research and development centers.

"We are thrilled to launch this new suite of advanced cybersecurity products designed for service providers and their customers, which represents a critical threat vector for bad actors," said Brent McCarty, President of ESET North America. "At ESET, we always develop products with our customers in mind, and with our ESET NetProtect offering we have created an easy-to-use and elegant solution not only for the industry leaders in the Telco and ISP sector, but for the consumers who are the actual end users of our products."

For more than 30 years, ESET has invested heavily in multiple layers of proprietary technology that prevent breaches of its customers' endpoints and systems, by both known and never-before-seen threats. These products are informed by world-class threat analysis and expertise from the company's global research team. With a presence in over 200 countries worldwide and 13 research and development centers around the world, ESET offers its over 400,000 business customers peace of mind that their interests are protected at all times. ESET also helps protect the Google Play store and is trusted by millions of consumers around the world. To read more about the new offering for Telcos and ISPs or to contact the ESET team for more information, please click here.

**About ESET  
**For more than 30 years, ESET® has been providing enterprises across the globe with industry-leading IT security software and services, including endpoint detection and response, encryption and authentication, and comprehensive security services packages. With high-performing, easy-to-use solutions that cater to businesses of all sizes, ESET protects customers from increasingly sophisticated digital threats in an ever-evolving landscape. ESET delivers to the enterprise market the people, expertise, and cutting-edge technology required to keep businesses safe and running without interruption. For more information, visit www.eset.com or follow us on LinkedIn, Facebook, and Twitter.

SOURCE ESET

ESET Launches NetProtect Suite of Advanced Cybersecurity Offerings for Telcos and ISPs

Red Hat Security Advisory 2022-4798-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: maven:3.5 security update  
Advisory ID:       RHSA-2022:4798-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4798  
Issue date:        2022-05-30  
CVE Names:         CVE-2022-29599  
====================================================================  
1. Summary:

An update for the maven:3.5 module is now available for Red Hat Enterprise  
Linux 8, Red Hat Enterprise Linux 8.2 Extended Update Support, and Red Hat  
Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The Apache Maven Shared Utils project aims to be an improved functional  
replacement for plexus-utils in Maven.

Security Fix(es):

* maven-shared-utils: Command injection via Commandline class  
(CVE-2022-29599)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2066479 - CVE-2022-29599 maven-shared-utils: Command injection via Commandline class

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.src.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.src.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.src.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.src.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.src.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.src.rpm  
glassfish-el-3.0.1-0.7.b08.module+el8+2452+b359bfcd.src.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.src.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.src.rpm  
hawtjni-1.16-2.module+el8+2452+b359bfcd.src.rpm  
httpcomponents-client-4.5.5-4.module+el8+2452+b359bfcd.src.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.src.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.src.rpm  
jansi-native-1.7-7.module+el8+2452+b359bfcd.src.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.src.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.src.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.src.rpm  
maven-resolver-1.1.1-2.module+el8+2452+b359bfcd.src.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.2.0+15046+b52d227a.src.rpm  
maven-wagon-3.1.0-1.module+el8+2452+b359bfcd.src.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.src.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.src.rpm  
plexus-containers-1.7.1-8.module+el8+2452+b359bfcd.src.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.src.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.src.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.src.rpm  
sisu-0.3.3-6.module+el8+2452+b359bfcd.src.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.src.rpm

aarch64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.aarch64.rpm

noarch:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.noarch.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.noarch.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.noarch.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.noarch.rpm  
glassfish-el-api-3.0.1-0.7.b08.module+el8+2452+b359bfcd.noarch.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.noarch.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.noarch.rpm  
hawtjni-runtime-1.16-2.module+el8+2452+b359bfcd.noarch.rpm  
httpcomponents-client-4.5.5-4.module+el8+2452+b359bfcd.noarch.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.noarch.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.noarch.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.noarch.rpm  
jcl-over-slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.noarch.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-api-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-connector-basic-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-impl-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-spi-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-transport-wagon-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-util-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.2.0+15046+b52d227a.noarch.rpm  
maven-wagon-file-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-shared-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-provider-api-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.noarch.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-containers-component-annotations-1.7.1-8.module+el8+2452+b359bfcd.noarch.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.noarch.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.noarch.rpm  
sisu-inject-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
sisu-plexus-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm

ppc64le:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.ppc64le.rpm

s390x:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.s390x.rpm

x86_64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.x86_64.rpm

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.src.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.src.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.src.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.src.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.src.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.src.rpm  
glassfish-el-3.0.1-0.7.b08.module+el8+2452+b359bfcd.src.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.src.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.src.rpm  
hawtjni-1.16-2.module+el8+2452+b359bfcd.src.rpm  
httpcomponents-client-4.5.5-4.module+el8+2452+b359bfcd.src.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.src.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.src.rpm  
jansi-native-1.7-7.module+el8+2452+b359bfcd.src.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.src.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.src.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.src.rpm  
maven-resolver-1.1.1-2.module+el8+2452+b359bfcd.src.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.4.0+15140+8e8c2c6f.src.rpm  
maven-wagon-3.1.0-1.module+el8+2452+b359bfcd.src.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.src.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.src.rpm  
plexus-containers-1.7.1-8.module+el8+2452+b359bfcd.src.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.src.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.src.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.src.rpm  
sisu-0.3.3-6.module+el8+2452+b359bfcd.src.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.src.rpm

aarch64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.aarch64.rpm

noarch:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.noarch.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.noarch.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.noarch.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.noarch.rpm  
glassfish-el-api-3.0.1-0.7.b08.module+el8+2452+b359bfcd.noarch.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.noarch.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.noarch.rpm  
hawtjni-runtime-1.16-2.module+el8+2452+b359bfcd.noarch.rpm  
httpcomponents-client-4.5.5-4.module+el8+2452+b359bfcd.noarch.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.noarch.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.noarch.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.noarch.rpm  
jcl-over-slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.noarch.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-api-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-connector-basic-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-impl-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-spi-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-transport-wagon-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-util-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.4.0+15140+8e8c2c6f.noarch.rpm  
maven-wagon-file-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-shared-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-provider-api-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.noarch.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-containers-component-annotations-1.7.1-8.module+el8+2452+b359bfcd.noarch.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.noarch.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.noarch.rpm  
sisu-inject-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
sisu-plexus-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm

ppc64le:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.ppc64le.rpm

s390x:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.s390x.rpm

x86_64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.x86_64.rpm

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.src.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.src.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.src.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.src.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.src.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.src.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.src.rpm  
glassfish-el-3.0.1-0.7.b08.module+el8+2452+b359bfcd.src.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.src.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.src.rpm  
hawtjni-1.16-2.module+el8+2452+b359bfcd.src.rpm  
httpcomponents-client-4.5.5-5.module+el8.6.0+13298+7b5243c0.src.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.src.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.src.rpm  
jansi-native-1.7-7.module+el8+2452+b359bfcd.src.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.src.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.src.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.src.rpm  
maven-resolver-1.1.1-2.module+el8+2452+b359bfcd.src.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.6.0+15045+b1156105.src.rpm  
maven-wagon-3.1.0-1.module+el8+2452+b359bfcd.src.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.src.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.src.rpm  
plexus-containers-1.7.1-8.module+el8+2452+b359bfcd.src.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.src.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.src.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.src.rpm  
sisu-0.3.3-6.module+el8+2452+b359bfcd.src.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.src.rpm

aarch64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.aarch64.rpm

noarch:  
aopalliance-1.0-17.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-io-2.6-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.noarch.rpm  
apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.noarch.rpm  
atinject-1-28.20100611svn86.module+el8+2452+b359bfcd.noarch.rpm  
cdi-api-1.2-8.module+el8+2452+b359bfcd.noarch.rpm  
geronimo-annotation-1.0-23.module+el8+2452+b359bfcd.noarch.rpm  
glassfish-el-api-3.0.1-0.7.b08.module+el8+2452+b359bfcd.noarch.rpm  
google-guice-4.1-11.module+el8+2452+b359bfcd.noarch.rpm  
guava20-20.0-8.module+el8+2452+b359bfcd.noarch.rpm  
hawtjni-runtime-1.16-2.module+el8+2452+b359bfcd.noarch.rpm  
httpcomponents-client-4.5.5-5.module+el8.6.0+13298+7b5243c0.noarch.rpm  
httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.noarch.rpm  
jansi-1.17.1-1.module+el8+2452+b359bfcd.noarch.rpm  
jboss-interceptors-1.2-api-1.0.0-8.module+el8+2452+b359bfcd.noarch.rpm  
jcl-over-slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm  
jsoup-1.11.3-3.module+el8+2452+b359bfcd.noarch.rpm  
maven-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-api-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-connector-basic-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-impl-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-spi-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-transport-wagon-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-resolver-util-1.1.1-2.module+el8+2452+b359bfcd.noarch.rpm  
maven-shared-utils-3.2.1-0.2.module+el8.6.0+15045+b1156105.noarch.rpm  
maven-wagon-file-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-http-shared-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
maven-wagon-provider-api-3.1.0-1.module+el8+2452+b359bfcd.noarch.rpm  
plexus-cipher-1.7-14.module+el8+2452+b359bfcd.noarch.rpm  
plexus-classworlds-2.5.2-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-containers-component-annotations-1.7.1-8.module+el8+2452+b359bfcd.noarch.rpm  
plexus-interpolation-1.22-9.module+el8+2452+b359bfcd.noarch.rpm  
plexus-sec-dispatcher-1.4-26.module+el8+2452+b359bfcd.noarch.rpm  
plexus-utils-3.1.0-3.module+el8+2452+b359bfcd.noarch.rpm  
sisu-inject-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
sisu-plexus-0.3.3-6.module+el8+2452+b359bfcd.noarch.rpm  
slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm

ppc64le:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.ppc64le.rpm

s390x:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.s390x.rpm

x86_64:  
jansi-native-1.7-7.module+el8+2452+b359bfcd.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-29599  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpTSItzjgjWX9erEAQgEJw/+NfjxsrVuNmYIQAd4uZq601LhJyZYw3Lh  
ZGSBRBUDpy9oLwFu5qTpOMO1Tvowuw5uuZ6c69+rOXBGdEUJXoKN9NB904vXdj+K  
vlZm+Iah49MNc9R8P/UScOCENlRUCj+ZDpMOzVxZowHf7TNuC10BLoJdoMyW4OtS  
u1J91WkpHfhg2M5Pw1hwFsbMrdLZPiPFjQyrW+972OPo9MHr1jx8g+hkaRPQyF4k  
7Dk4+YAVpjPAMqsDbpr32NfEOenHO7g6GtlPLwiWNc+gEb6+xtxwYlRXw/mTRIPL  
syh2eCPJdHHc2AqEVpSeAJfulbZ8tjQaf1kcLZQJ9ViSM0FqzsPDt6IrLGwYbZqQ  
/l1WyCRFOKEBS+1BrW4WlGRB6SqW3L0kiVd8DoRWByz2NNvL8ACMuSIDuUbwdWOn  
/PZzk3KAX43VFxZBXv3123s+7tPSthBlsLMjOZ1aPLq/9ituUyRsye/iVjdQ7yHH  
egTRACDNv9V//1veX4UBMbiFJBj1USkYreEuNIgEVUkMGe7wGXzGY11PDwcAeD5l  
jVL5vxP6uq9a46HDpTovI/Dm+1WCjzLGuwe4y8prlFuG3bbJRi4qTAyVcji7SGsY  
NHu1mj5J+LE6VaQIo3xXBenK2M+MnSMaRpp7hW5KdWElBZhZ3ulhLUaAMSo/fbgv  
GpHNg6vNdC8=mm5z  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4798-01

Red Hat Security Advisory 2022-4797-01 - The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Issues addressed include a code execution vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: maven:3.6 security update  
Advisory ID:       RHSA-2022:4797-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4797  
Issue date:        2022-05-30  
CVE Names:         CVE-2022-29599   
=====================================================================

1. Summary:

An update for the maven:3.6 module is now available for Red Hat Enterprise  
Linux 8, Red Hat Enterprise Linux 8.2 Extended Update Support, and Red Hat  
Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - noarch  
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - noarch  
Red Hat Enterprise Linux AppStream EUS (v.8.4) - noarch

3. Description:

The Apache Maven Shared Utils project aims to be an improved functional  
replacement for plexus-utils in Maven.

Security Fix(es):

* maven-shared-utils: Command injection via Commandline class  
(CVE-2022-29599)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2066479 - CVE-2022-29599 maven-shared-utils: Command injection via Commandline class

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:  
aopalliance-1.0-20.module+el8.2.0+5557+11a14461.src.rpm  
apache-commons-cli-1.4-7.module+el8.2.0+5557+11a14461.src.rpm  
apache-commons-codec-1.13-3.module+el8.2.0+5557+11a14461.src.rpm  
apache-commons-io-2.6-6.module+el8.2.0+5557+11a14461.src.rpm  
apache-commons-lang3-3.9-4.module+el8.2.0+5557+11a14461.src.rpm  
atinject-1-31.20100611svn86.module+el8.2.0+5557+11a14461.src.rpm  
cdi-api-2.0.1-3.module+el8.2.0+5557+11a14461.src.rpm  
geronimo-annotation-1.0-26.module+el8.2.0+5557+11a14461.src.rpm  
google-guice-4.2.2-4.module+el8.2.0+5557+11a14461.src.rpm  
guava-28.1-3.module+el8.2.0+5557+11a14461.src.rpm  
httpcomponents-client-4.5.10-3.module+el8.2.0+5557+11a14461.src.rpm  
httpcomponents-core-4.4.12-3.module+el8.2.0+5557+11a14461.src.rpm  
jansi-1.18-4.module+el8.2.0+5557+11a14461.src.rpm  
jsoup-1.12.1-3.module+el8.2.0+5557+11a14461.src.rpm  
jsr-305-0-0.25.20130910svn.module+el8.2.0+5557+11a14461.src.rpm  
maven-3.6.2-4.module+el8.2.0+5560+b953ed0b.src.rpm  
maven-resolver-1.4.1-3.module+el8.2.0+5557+11a14461.src.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.2.0+15047+acf0c170.src.rpm  
maven-wagon-3.3.4-2.module+el8.2.0+5557+11a14461.src.rpm  
plexus-cipher-1.7-17.module+el8.2.0+5557+11a14461.src.rpm  
plexus-classworlds-2.6.0-4.module+el8.2.0+5557+11a14461.src.rpm  
plexus-containers-2.1.0-2.module+el8.2.0+5557+11a14461.src.rpm  
plexus-interpolation-1.26-3.module+el8.2.0+5557+11a14461.src.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.2.0+5557+11a14461.src.rpm  
plexus-utils-3.3.0-3.module+el8.2.0+5557+11a14461.src.rpm  
sisu-0.3.4-2.module+el8.2.0+5557+11a14461.src.rpm  
slf4j-1.7.28-3.module+el8.2.0+5557+11a14461.src.rpm

noarch:  
aopalliance-1.0-20.module+el8.2.0+5557+11a14461.noarch.rpm  
apache-commons-cli-1.4-7.module+el8.2.0+5557+11a14461.noarch.rpm  
apache-commons-codec-1.13-3.module+el8.2.0+5557+11a14461.noarch.rpm  
apache-commons-io-2.6-6.module+el8.2.0+5557+11a14461.noarch.rpm  
apache-commons-lang3-3.9-4.module+el8.2.0+5557+11a14461.noarch.rpm  
atinject-1-31.20100611svn86.module+el8.2.0+5557+11a14461.noarch.rpm  
cdi-api-2.0.1-3.module+el8.2.0+5557+11a14461.noarch.rpm  
geronimo-annotation-1.0-26.module+el8.2.0+5557+11a14461.noarch.rpm  
google-guice-4.2.2-4.module+el8.2.0+5557+11a14461.noarch.rpm  
guava-28.1-3.module+el8.2.0+5557+11a14461.noarch.rpm  
httpcomponents-client-4.5.10-3.module+el8.2.0+5557+11a14461.noarch.rpm  
httpcomponents-core-4.4.12-3.module+el8.2.0+5557+11a14461.noarch.rpm  
jansi-1.18-4.module+el8.2.0+5557+11a14461.noarch.rpm  
jcl-over-slf4j-1.7.28-3.module+el8.2.0+5557+11a14461.noarch.rpm  
jsoup-1.12.1-3.module+el8.2.0+5557+11a14461.noarch.rpm  
jsr-305-0-0.25.20130910svn.module+el8.2.0+5557+11a14461.noarch.rpm  
maven-3.6.2-4.module+el8.2.0+5560+b953ed0b.noarch.rpm  
maven-lib-3.6.2-4.module+el8.2.0+5560+b953ed0b.noarch.rpm  
maven-openjdk11-3.6.2-4.module+el8.2.0+5560+b953ed0b.noarch.rpm  
maven-openjdk8-3.6.2-4.module+el8.2.0+5560+b953ed0b.noarch.rpm  
maven-resolver-1.4.1-3.module+el8.2.0+5557+11a14461.noarch.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.2.0+15047+acf0c170.noarch.rpm  
maven-wagon-3.3.4-2.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-cipher-1.7-17.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-classworlds-2.6.0-4.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-containers-component-annotations-2.1.0-2.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-interpolation-1.26-3.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.2.0+5557+11a14461.noarch.rpm  
plexus-utils-3.3.0-3.module+el8.2.0+5557+11a14461.noarch.rpm  
sisu-0.3.4-2.module+el8.2.0+5557+11a14461.noarch.rpm  
slf4j-1.7.28-3.module+el8.2.0+5557+11a14461.noarch.rpm

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
aopalliance-1.0-20.module+el8.3.0+6804+157bd82e.src.rpm  
apache-commons-cli-1.4-7.module+el8.3.0+6804+157bd82e.src.rpm  
apache-commons-codec-1.13-3.module+el8.3.0+6804+157bd82e.src.rpm  
apache-commons-io-2.6-6.module+el8.3.0+6804+157bd82e.src.rpm  
apache-commons-lang3-3.9-4.module+el8.3.0+6804+157bd82e.src.rpm  
atinject-1-31.20100611svn86.module+el8.3.0+6804+157bd82e.src.rpm  
cdi-api-2.0.1-3.module+el8.3.0+6804+157bd82e.src.rpm  
geronimo-annotation-1.0-26.module+el8.3.0+6804+157bd82e.src.rpm  
google-guice-4.2.2-4.module+el8.3.0+6804+157bd82e.src.rpm  
guava-28.1-3.module+el8.3.0+6804+157bd82e.src.rpm  
httpcomponents-client-4.5.10-3.module+el8.3.0+6804+157bd82e.src.rpm  
httpcomponents-core-4.4.12-3.module+el8.3.0+6804+157bd82e.src.rpm  
jansi-1.18-4.module+el8.3.0+6804+157bd82e.src.rpm  
jsoup-1.12.1-3.module+el8.3.0+6804+157bd82e.src.rpm  
jsr-305-0-0.25.20130910svn.module+el8.3.0+6804+157bd82e.src.rpm  
maven-3.6.2-6.module+el8.4.0+9250+1786af37.src.rpm  
maven-resolver-1.4.1-3.module+el8.3.0+6804+157bd82e.src.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.4.0+15048+bdaf849b.src.rpm  
maven-wagon-3.3.4-2.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-cipher-1.7-17.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-classworlds-2.6.0-4.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-containers-2.1.0-2.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-interpolation-1.26-3.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.3.0+6804+157bd82e.src.rpm  
plexus-utils-3.3.0-3.module+el8.3.0+6804+157bd82e.src.rpm  
sisu-0.3.4-2.module+el8.3.0+6804+157bd82e.src.rpm  
slf4j-1.7.28-3.module+el8.3.0+6804+157bd82e.src.rpm

noarch:  
aopalliance-1.0-20.module+el8.3.0+6804+157bd82e.noarch.rpm  
apache-commons-cli-1.4-7.module+el8.3.0+6804+157bd82e.noarch.rpm  
apache-commons-codec-1.13-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
apache-commons-io-2.6-6.module+el8.3.0+6804+157bd82e.noarch.rpm  
apache-commons-lang3-3.9-4.module+el8.3.0+6804+157bd82e.noarch.rpm  
atinject-1-31.20100611svn86.module+el8.3.0+6804+157bd82e.noarch.rpm  
cdi-api-2.0.1-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
geronimo-annotation-1.0-26.module+el8.3.0+6804+157bd82e.noarch.rpm  
google-guice-4.2.2-4.module+el8.3.0+6804+157bd82e.noarch.rpm  
guava-28.1-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
httpcomponents-client-4.5.10-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
httpcomponents-core-4.4.12-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
jansi-1.18-4.module+el8.3.0+6804+157bd82e.noarch.rpm  
jcl-over-slf4j-1.7.28-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
jsoup-1.12.1-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
jsr-305-0-0.25.20130910svn.module+el8.3.0+6804+157bd82e.noarch.rpm  
maven-3.6.2-6.module+el8.4.0+9250+1786af37.noarch.rpm  
maven-lib-3.6.2-6.module+el8.4.0+9250+1786af37.noarch.rpm  
maven-openjdk11-3.6.2-6.module+el8.4.0+9250+1786af37.noarch.rpm  
maven-openjdk8-3.6.2-6.module+el8.4.0+9250+1786af37.noarch.rpm  
maven-resolver-1.4.1-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.4.0+15048+bdaf849b.noarch.rpm  
maven-wagon-3.3.4-2.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-cipher-1.7-17.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-classworlds-2.6.0-4.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-containers-component-annotations-2.1.0-2.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-interpolation-1.26-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.3.0+6804+157bd82e.noarch.rpm  
plexus-utils-3.3.0-3.module+el8.3.0+6804+157bd82e.noarch.rpm  
sisu-0.3.4-2.module+el8.3.0+6804+157bd82e.noarch.rpm  
slf4j-1.7.28-3.module+el8.3.0+6804+157bd82e.noarch.rpm

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
aopalliance-1.0-20.module+el8.6.0+13337+afcb49ec.src.rpm  
apache-commons-cli-1.4-7.module+el8.6.0+13337+afcb49ec.src.rpm  
apache-commons-codec-1.13-3.module+el8.6.0+13337+afcb49ec.src.rpm  
apache-commons-io-2.6-6.module+el8.6.0+13337+afcb49ec.src.rpm  
apache-commons-lang3-3.9-4.module+el8.6.0+13337+afcb49ec.src.rpm  
atinject-1-31.20100611svn86.module+el8.6.0+13337+afcb49ec.src.rpm  
cdi-api-2.0.1-3.module+el8.6.0+13337+afcb49ec.src.rpm  
geronimo-annotation-1.0-26.module+el8.6.0+13337+afcb49ec.src.rpm  
google-guice-4.2.2-4.module+el8.6.0+13337+afcb49ec.src.rpm  
guava-28.1-3.module+el8.6.0+13337+afcb49ec.src.rpm  
httpcomponents-client-4.5.10-4.module+el8.6.0+13337+afcb49ec.src.rpm  
httpcomponents-core-4.4.12-3.module+el8.6.0+13337+afcb49ec.src.rpm  
jansi-1.18-4.module+el8.6.0+13337+afcb49ec.src.rpm  
jsoup-1.12.1-3.module+el8.6.0+13337+afcb49ec.src.rpm  
jsr-305-0-0.25.20130910svn.module+el8.6.0+13337+afcb49ec.src.rpm  
maven-3.6.2-7.module+el8.6.0+13337+afcb49ec.src.rpm  
maven-resolver-1.4.1-3.module+el8.6.0+13337+afcb49ec.src.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.6.0+15049+43453910.src.rpm  
maven-wagon-3.3.4-2.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-cipher-1.7-17.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-classworlds-2.6.0-4.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-containers-2.1.0-2.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-interpolation-1.26-3.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.6.0+13337+afcb49ec.src.rpm  
plexus-utils-3.3.0-3.module+el8.6.0+13337+afcb49ec.src.rpm  
sisu-0.3.4-2.module+el8.6.0+13337+afcb49ec.src.rpm  
slf4j-1.7.28-3.module+el8.6.0+13337+afcb49ec.src.rpm

noarch:  
aopalliance-1.0-20.module+el8.6.0+13337+afcb49ec.noarch.rpm  
apache-commons-cli-1.4-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
apache-commons-codec-1.13-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
apache-commons-io-2.6-6.module+el8.6.0+13337+afcb49ec.noarch.rpm  
apache-commons-lang3-3.9-4.module+el8.6.0+13337+afcb49ec.noarch.rpm  
atinject-1-31.20100611svn86.module+el8.6.0+13337+afcb49ec.noarch.rpm  
cdi-api-2.0.1-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
geronimo-annotation-1.0-26.module+el8.6.0+13337+afcb49ec.noarch.rpm  
google-guice-4.2.2-4.module+el8.6.0+13337+afcb49ec.noarch.rpm  
guava-28.1-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
httpcomponents-client-4.5.10-4.module+el8.6.0+13337+afcb49ec.noarch.rpm  
httpcomponents-core-4.4.12-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
jansi-1.18-4.module+el8.6.0+13337+afcb49ec.noarch.rpm  
jcl-over-slf4j-1.7.28-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
jsoup-1.12.1-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
jsr-305-0-0.25.20130910svn.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-3.6.2-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-lib-3.6.2-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-openjdk11-3.6.2-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-openjdk17-3.6.2-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-openjdk8-3.6.2-7.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-resolver-1.4.1-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
maven-shared-utils-3.2.1-0.5.module+el8.6.0+15049+43453910.noarch.rpm  
maven-wagon-3.3.4-2.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-cipher-1.7-17.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-classworlds-2.6.0-4.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-containers-component-annotations-2.1.0-2.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-interpolation-1.26-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-sec-dispatcher-1.4-29.module+el8.6.0+13337+afcb49ec.noarch.rpm  
plexus-utils-3.3.0-3.module+el8.6.0+13337+afcb49ec.noarch.rpm  
sisu-0.3.4-2.module+el8.6.0+13337+afcb49ec.noarch.rpm  
slf4j-1.7.28-3.module+el8.6.0+13337+afcb49ec.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-29599  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpTSBNzjgjWX9erEAQiJ1xAAkYmSMa4bJ5b6iRezcg6+upucDSznAYBj  
XKcomZR/XXwJ+nnDhzn8qiF20KNIBObUkmSiSpBuTCMAf4EH2qXgQAh+WM3Endfo  
ISUulqNPMwuexVCOOdp1QEjfXNGocxXKRF83FPSQjqNTh3pFmvRjFWGnMHOHs1UP  
OMOT/urpxB/2dKFUzA2fxhdj2kIumTON71Ixt55rmOpX+1/DMMoSDO0va4tREqPd  
BbIQcHKsFusBzi3Qz5aLBJa3dhzSJX7zDSrqbIicgclI2mMsxqUM1tLOdmsN8GLQ  
KSQhk5KDO4nI9bUdVerypA41Q30yVQ7vlRhsumEIlZFRCDitPLRRwhY9dbB1l4mu  
ba/+SDHOjx/tB+mDXHgSl8WxuBoH9vos6drGhSP59Hn29V0/hahrQnd0nmeCNFE5  
xfzJeJsar39cegvGBtdRp4hOtUqK9cpwp6/zcvuzsnoLQjnDBtBBtO+iqI9IKoGg  
fI+n+gGTP3Vwk9DwTszAyxEw2qKfW2gAlnWzzkqI7Hv0V1wgGgx1aNiEaEJjMc75  
ldiE/dTJY1p5RZ1uYdvWLrV3WYID3qD7sl3O4z8PZy9pCKjHgfYrHPdaIQhAJ/QS  
anr4t5uexxaB7uleQb+Uc5WxUEUFzUB1ne6DJoTHhQCoU6RodmvKDsAXvRcWrfIh  
VZiV7I9+BGU=  
=86Gf  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4797-01

An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF).
Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, France, and Portugal.
"The most

An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF).

Other frequently targeted countries include Poland, Australia, the U.S., Germany, the U.K., Italy, France, and Portugal.

"The most worrying leitmotif is the increasing attention to On-Device Fraud (ODF)," Dutch cybersecurity company ThreatFabric said in a report shared with The Hacker News.

"Just in the first five months of 2022 there has been an increase of more than 40% in malware families that abuse Android OS to perform fraud using the device itself, making it almost impossible to detect them using traditional fraud scoring engines."

Hydra, FluBot (aka Cabassous), Cerberus, Octo, and ERMAC accounted for the most active banking trojans based on the number of samples observed during the same period.

Accompanying this trend is the continued discovery of new dropper apps on Google Play Store that come under the guise of seemingly innocuous productivity and utility applications to distribute the malware -

*   Nano Cleaner (com.casualplay.leadbro)
*   QuickScan (com.zynksoftware.docuscanapp)
*   Chrome (com.talkleadihr)
*   Play Store (com.girltold85)
*   Pocket Screencaster (com.cutthousandjs)
*   Chrome (com.biyitunixiko.populolo)
*   Chrome (Mobile com.xifoforezuma.kebo)
*   BAWAG PSK Security (com.qjlpfydjb.bpycogkzm)

What's more, on-device fraud — which refers to a stealthy method of initiating rogue transactions from victim's devices — has made it feasible to use previously stolen credentials to login to banking applications and carry out financial transactions.

To make matters worse, the banking trojans have also been observed constantly updating their capabilities, with Octo devising an improved method to steal credentials from overlay screens even before they are submitted.

"This is done in order to be able to get the credentials even if \[the\] victim suspected something and closed the overlay without actually pressing the fake 'login' present in the overlay page," the researchers explained.

ERMAC, which emerged last September, has received noticeable upgrades of its own that allow it to siphon seed phrases from different cryptocurrency wallet apps in an automated fashion by taking advantage of Android's Accessibility Service.

Accessibility Service has been Android's Achilles' heel in recent years, allowing threat actors to leverage the legitimate API to serve unsuspecting users with fake overlay screens and capture sensitive information.

Last year, Google attempted to tackle the problem by ensuring that "only services that are designed to help people with disabilities access their device or otherwise overcome challenges stemming from their disabilities are eligible to declare that they are accessibility tools."

But the tech giant is going a step further in Android 13, which is currently in beta, by restricting API access for apps that the user has sideloaded from outside of an app store, effectively making it harder for potentially harmful apps to misuse the service.

That said, ThreatFabric noted it was able to bypass these restrictions trivially by means of a tweaked installation process, suggesting the need for a more stricter approach to counteract such threats.

It's recommended that users stick to downloading apps from the Google Play Store, avoid granting unusual permissions to apps that have no purpose asking for them (e.g., a calculator app asking to access contact lists), and watch out for any phishing attempts aimed at installing rogue apps.

"The openness of Android OS serves both good and bad as malware continues to abuse the legitimate features, whilst upcoming restrictions seem to hardly interfere with the malicious intentions of such apps," the researchers said.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.

ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. However, its use of PowerShell could pose a greater risk by leading to further and advanced malicious activity, such as the propagation of ransomware or spyware or theft of browser-session data.

Researchers are warning of the potential for ChromeLoader—which has seen a resurgence in activity recently—to pose a more sophisticated threat than typical malvertisers do, according to two separate blog posts by Malwarebytes Labs and Red Canary.

ChromeLoader is a pervasive and persistent browser hijacker that eventually manifests as a browser extension, modifying victims’ Chrome settings and redirecting user traffic to advertisement websites. On Windows machines, victims become infected with the malware through ISO files that poses as a cracked video game or pirated films or TV programs, researchers said.

 However, ChromeLoader is platform agnostic, which means users of macOS also are at risk from infection, according to a blog post from Malwarebytes Lead Malware Intelligence Analyst Christopher Boyd. However, instead of lurking in ISO files, attackers use DMG (Apple Disk Image) files, a more common macOS format, to hide ChromeLoader, he said.

While its core functionality is fairly benign, ChromeLoader has a unique feature in that it uses PowerShell to inject itself into the browser and add a malicious extension to it—”a technique we don’t see very often (and one that often goes undetected by other security tools),” warned Aedan Russell from Red Canary’s Detection Engineering team in a blog post.

“If applied to a higher-impact threat—such as a credential harvester or spyware—this PowerShell behavior could help malware gain an initial foothold and go undetected before performing more overtly malicious activity, like exfiltrating data from a user’s browser sessions,” he wrote.

****The Infection Process****

ChromeLoader lurks in bogus files that are promoted on Twitter and through other services, or found on rogue and torrent sites offering pirated video games and other media for free download, researchers said.

“Some social media posts promote supposedly cracked Android games via QR codes which direct would-be gamers to rogue websites,” Boyd explained.

Double clicking the ISO file mounts it as a virtual CD-ROM, with the ISO’s executable claiming to be the content that the victim originally was looking for, he wrote.

“Within this ISO is an executable used to install ChromeLoader, along with what appears to be a .NET wrapper for the Windows Task Scheduler,” according to Red Canary’s Russell. “This is how ChromeLoader maintains its persistence on the victim’s machine later in the intrusion chain.”

Once installed, ChromeLoader uses a PowerShell command to load in a Chrome extension from a remote resource. PowerShell then removes the scheduled task so the victim has no idea that their browser has been compromised, Boyd said.

“At this point, search results cannot be trusted and bogus entries will be displayed to the user,” he wrote.

ChromeLoader uses the same bait—pirated videos or cracked games—to lure macOS users, but the infection process is a bit different, Russell explained. On macOS machines, ChromeLoader uses aDMG file that contains an installer script that can drop payloads for either Chrome or Safari instead of a portable executable file.

“When executed by the end user, the installer script then initiates cURL to retrieve a ZIP file containing the malicious browser extension and unzips it within the private/var/tmp directory, finally executing Chrome with command-line options to load the malicious extension,” he wrote.

****Mitigation and Detection****

Researchers offered mitigation advice as well as both user- and administrator-level ways to detect if a system has been infected with ChromeLoader.

One obvious tip is to avoid downloading pirated software or videos, which Boyd warned “is a very risky business,” not to mention illegal.

“If you’re downloading a torrent, you may well be rolling dice with regard to the digital health of your devices,” he wrote.

Users also can click on the “More” icon, then “More Tools -> Extensions” from the drop-down list in Chrome to see everything that’s installed, active or disabled, along with additional information about all extensions present. From there is anything looks dodgy, Google offers steps to reset browser settings or clean things up, he said.

Red Canary offered more advanced detection tactics based on ChromeLoader’s use of PowerShell to find out if a browser has been infected.

One is to search for PowerShell containing a shortened version of the encodedCommand flag in its command line, which can find the execution of encoded PowerShell commands. Another is to looks for instances of the Chrome browser executable spawning from PowerShell with a corresponding command line that includes appdata\\local as a parameter.

In macOS, security administrators can search forsh or bash scripts running in macOS environments with command lines associated with the macOS variant of ChromeLoader, as well as the execution of encoded sh, bash, or zsh commands on macOS endpoints to know if a browser has been infected.

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws.

May has been another busy month of security updates, with Google’s Chrome browser and Android operating system, Zoom, and Apple’s iOS releasing patches to fix serious vulnerabilities.

Meanwhile, things have not run smoothly for Microsoft, which was forced to issue an out-of-band update after a disastrous Patch Tuesday during the month. And Cisco, Nvidia, Zoom, and VMWare all issued patches for pressing flaws.

Here’s what you need to know.

Apple iOS and iPadOS 15.5, macOS Big Sur 11.6.6, tvOS 15.5, watchOS 8.6

With Apple due to announce iOS 16 at its Worldwide Developers Conference in June, the iPhone maker released probably its last major iOS 15-point update in May. It came with new features, but iOS and iPadOS 15.5 also fixed 34 security vulnerabilities, some of which are serious.

Security issues fixed in iOS 15.5 include flaws in the Kernel, as well as in the WebKit browser engine, according to Apple’s support page. Thankfully, none of the issued patches in iOS and iPad 15.5 are being used in attacks, according to the company, but that doesn’t mean they won’t be if you don’t update now.

Meanwhile, users of macOS, tvOS, and the Apple Watch should update their devices ASAP, as Apple also issued an emergency update to patch an issue it believes is already being used in attacks. The flaw in Apple AVD, labeled CVE-2022-22675, could allow an app to execute code with Kernel privileges. Issues in the Kernel are as bad as it gets, so it’s worth checking and updating your devices right away.

Microsoft’s Flubbed May Patch Tuesday

Microsoft’s May Patch Tuesday was something of a disaster for the diligent businesses that installed it straight away.

On May 10, the firm issued security updates to fix 75 vulnerabilities, eight labeled as serious and three that were being exploited by attackers. The issues fixed in May’s Patch Tuesday were important, but there were soon problems for some Microsoft users, who reported authentication failures after installing the latest updates. It impacted people using the client and server Windows platforms and systems running all Windows versions, including Windows 11 and Windows Server 2022.

In a bid to fix the problem, the firm was forced to issue an out-of-band update for Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022 on May 20. The update won’t install automatically—you need to download it from Microsoft’s update catalog.

Firefox 100.0.2

In early May, Mozilla released Firefox 100, including nine security fixes for its Firefox browser, of which seven were rated as high severity. But later in May, ethical hackers at the Pwn20wn competition in Vancouver were able to demonstrate how attackers could execute JavaScript code on devices running the latest Mozilla software. Mozilla fixed the issues in another updateFirefox 100.0.2, Firefox ESR 91.9.1, Firefox for Android 100.3, and Thunderbird 91.9.1. Click those update buttons.

Android

May’s Android security update is a big one, patching 36 vulnerabilities, including an issue already being exploited by attackers. This exploited flaw is a privilege escalation bug in the Linux Kernel known as “The Dirty Pipe.”

The flaw, which impacts newer Android devices running Android 12 and later, was disclosed by Google in February, but it has taken a while to reach devices.

You Need to Update iOS, Chrome, Windows, and Zoom ASAP

May has been another busy month of security updates, with Google’s Chrome browser and Android operating system, Zoom, and Apple’s iOS releasing patches to fix serious vulnerabilities.

Meanwhile, things have not run smoothly for Microsoft, which was forced to issue an out-of-band update after a disastrous Patch Tuesday during the month. And Cisco, Nvidia, Zoom, and VMWare all issued patches for pressing flaws.

Here’s what you need to know.

Apple iOS and iPadOS 15.5, macOS Big Sur 11.6.6, tvOS 15.5, watchOS 8.6

With Apple due to announce iOS 16 at its Worldwide Developers Conference in June, the iPhone maker released probably its last major iOS 15 point update in May. It came with new features, but iOS and iPadOS 15.5 also fixed 34 security vulnerabilities, some of which are serious.

Security issues fixed in iOS 15.5 include flaws in the Kernel as well as in the WebKit browser engine, according to Apple’s support page. Thankfully, none of the issued patches in iOS and iPad 15.5 are being used in attacks, according to the company, but that doesn’t mean they won’t be if you don’t update now.

Meanwhile, users of macOS, tvOS, and the Apple Watch should update their devices ASAP, as Apple also issued an emergency update to patch an issue it believes is already being used in attacks. The flaw in Apple AVD, labeled CVE-2022-22675, could allow an app to execute code with Kernel privileges. Issues in the Kernel are as bad as it gets, so it’s worth checking and updating your devices right away.

Microsoft’s Flubbed May Patch Tuesday

Microsoft’s May Patch Tuesday was something of a disaster for the diligent businesses that installed it straight away.

On May 10, the firm issued security updates to fix 75 vulnerabilities, eight labeled as serious and three that were being exploited by attackers. The issues fixed in May’s Patch Tuesday were important, but there were soon problems for some Microsoft users, who reported authentication failures after installing the latest updates. It impacted people using the client and server Windows platforms and systems running all Windows versions, including Windows 11 and Windows Server 2022.

In a bid to fix the problem, the firm was forced to issue an out-of-band update for Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022 on May 20. The update won’t install automatically—you need to download it from Microsoft's update catalog.

Firefox 100.0.2

In early May, Mozilla released Firefox 100, including nine security fixes for its Firefox browser, of which seven were rated as high severity. But later in May, ethical hackers at the Pwn20wn competition in Vancouver were able to demonstrate how attackers could execute JavaScript code on devices running the latest Mozilla software. Mozilla fixed the issues in another update, Firefox 100.0.2, Firefox ESR 91.9.1, Firefox for Android 100.3, and Thunderbird 91.9.1. Click those update buttons.

Android

May’s Android security update is a big one, patching 36 vulnerabilities including an issue already being exploited by attackers. The already exploited flaw is a privilege escalation bug in the Linux Kernel known as “The Dirty Pipe.”

The flaw, which impacts newer Android devices running Android 12 and later, was disclosed by Google in February, but it’s taken a while to reach devices.

By Deeba Ahmed
Nao_Sec cybersecurity researchers state the “odd-looking” MS Word document was uploaded on VirusTotal from a Belarus IP address.…
This is a post from HackRead.com Read the original post: Researchers Warn of New Microsoft Office 0-Day Vulnerability “Follina”

**Nao\_Sec cybersecurity researchers state the “odd-looking” MS Word document was uploaded on VirusTotal from a Belarus IP address.**

Independent cybersecurity research group Nao\_Sec has revealed startling details of a new zero-day vulnerability identified in Microsoft Office. Dubbed Follina; researchers claim this flaw can be exploited in the wild, researchers noted.

According to researchers, the flaw is named so because of the reference 0438 in the malicious sample, the area code of a municipality in Treviso, Italy, called Follina.

**How Was the Flaw Discovered?**

On May 27th, a Nao\_Sec researcher posted on Twitter about discovering an odd-looking Word file titled 05-2022-0438.doc uploaded to VirusTotal from a Belarus-based IP address. The team, including researcher Kevin Beaumont, then started examining the malware.

**Details of the Vulnerability**

Further probe revealed that the zero-day could be abused to accomplish arbitrary code execution on vulnerable devices running Windows OS. On their Twitter handle, Nao\_Sec researchers explained in the blog post the attackers used MS Word’s external link for loading the HTML and later used the ‘ms-msdt’ scheme for executing PowerShell code.

> “The document uses the Word remote template feature to retrieve a HTML file from a remote web server, which in turn uses the ms-msdt MSProtocol URI scheme to load some code and execute some PowerShelll…That should not be possible.”
> 
> Beaumont

Microsoft Support Diagnostics Tool or MSDT is a utility used to collect and troubleshoot diagnostic data for support experts to analyze and fix the issue. Typically, MS Word documents are used for executing code through malicious macros. However, in this case, the Nao\_Sec research team learned that the code gets executed even when macros are disabled.

Moreover, Microsoft Defender also cannot prevent the execution for now, and Beaumont reported that the protected view isn’t activated even when they changed the file to RTF form and runs even without opening the file.

**Possible Dangers**

Other researchers, including Didier Stevens and NCC Group’s Rich Warren, apart from Kevin Beaumont, also confirmed that this zero-day flaw could be exploited remotely to execute arbitrary code on various versions of MS Office and MS Windows.

Beaumont tested the flaw against numerous Office versions such as Office Pro Plus, Office 2013, Office 2016, and Office 2021 and found that it didn’t work against the latest Office and Insider versions. This indicates Microsoft is working on a patch.

**More Microsoft and Windows Security News**

1.  Hackers are using Microsoft Teams chat to spread malware
2.  MS Word’ Malicious Macro Downloads Vawtrak Banking Trojan
3.  DuckDuckGo Allows Microsoft Trackers Despite No Tracking Policy
4.  Malicious Office documents make up 43% of all malware downloads
5.  Google, Microsoft, and Oracle generated the most vulnerabilities in 2021

Tag

#google