Hello, welcome to the Friday, September 18th, 2020 edition of the Sands and Storm Center's Stormcast. My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida. And yes, today it's actually Friday. Sorry for confusing you yesterday with the wrong day.

In responding to security events, speed is often off the essence.

And of course, you also want to be repeatable.

Today we have a great diary by Xavier introducing the active response feature in OSEC. OSEC is mostly a tool that collects

logs and parses them into a standard format, but it also has the ability to run scripts whenever

it sees a certain log entry. So this can be used to essentially automatically, for example,

then disconnect systems from a network or maybe suspend a virtual machine or such if there is a

suspicion that this particular system is compromised. And as usual, you'll find more details in Xavier's post from today.

And Microsoft this week also released updates for Office for the Mac.

These updates were not released as part of the regular patch Tuesday.

There are total of five vulnerabilities being

patched in this update, one for Excel, two for Word, and two for the office suite. Now,

these vulnerabilities are identical to vulnerabilities that were patched as part of Patch Tuesday.

This is just now the Mac version of these patches.

Not sure why this wasn't released at Patch Tuesday,

but this has happened before that the Mac patches were released a little bit delayed.

And VMware did release this week a new version of VMware Fusion version 12, which

fixes an important privilege escalation vulnerability.

Now, VMware 11 also suffers from that exact vulnerability, but there is at this point no patch available.

And patch should be coming out soon.

The Mvarez says it's pending and did not note a specific release date.

...