Hello, welcome to the Thursday, March 19th, 2020 edition of the Sandcent Storm Center Stormcast.

My name is Johannes Ulrich.

I'm recording from Jacksonville, Florida.

Today we got a critical update from Trent Micro to start out with.

It does affect Apex 1 as well as Office ScanXG, and at least two of the

vulnerabilities are already actively being exploited. Another total of five vulnerabilities

that are being addressed in this update, the two that are already actively being exploited are rated as critical with a CVSS score of 9.1 and 8.0.

However, the reason they don't get the full score of 10 is in part because they do require some user authentication, but do, once the user is authenticated,

allow remote code execution.

The remaining three vulnerabilities actually have the CVSS score of a full 10, so no

authentication required, gaining system privileges, and all of that remotely, but no active exploitation of these

remaining three vulnerabilities yet. So this is certainly an update that you do want to apply

quickly, not sure how long it will take until we see an exploit for these other three

vulnerabilities, which actually appear to be more severe.

I'm not exactly sure if this is a good or a bad thing, but Trent Micro points out that

these products are basically the server, the backend part of their anti-Melver products,

and as such, you really shouldn't expose them to the open network

so that would make exploitation a bit more difficult.

And then we got another update from VMware, it's addressing two vulnerabilities,

one of which is only affecting the Mac version. So that's Fusion, BMRC

for Mac, and Horizon Clined for Mac. And it does make the Mac, so the host, vulnerable to

privilege escalation. What makes it so interesting kind of is that this is very trivial to exploit vulnerability, and there is already a public proof of concept exploit out there.

...