[FD] [ADV170017] Defense in depth -- the Microsoft way (part 54): escalation of privilege during installation of Microsoft Office 20xy

2018-05-08 Stefan Kanthak
Hi @ll, during installation of Microsoft Office 2003 and newer versions as well as single components of Microsoft Office products, the executable of the "Office Source Engine", ose.exe, is copied as "%TEMP%\ose0.exe" and then executed with elevated privileges. %TEMP% is writable by unprivileg

[FD] APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001

2018-05-08 Apple Product Security
APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001 Security Update 2018-001 addresses the following: Crash Reporter Available for: macOS High Sierra 10.13.4 Impact: An application may be able to gain ele

[FD] CVE-2018-10201 – Ncomputing vSpace Pro Directory Traversal Vulnerability

2018-05-08 Javier Bernardo
Full disclosure of this vulnerability leaves a huge number of servers at risk. http://www.kwell.net/kwell_blog/?p=5199 CVE-2018-10201 – Ncomputing vSpace Pro Directory Traversal Vulnerability CVE-2018-10201 Ncomputing vSpace Pro Director