RSS Feed
News
Feb
14
Cisco ASA Critical Vulnerability
Posted by Julian Harse on 14 February 2018 03:51 PM

Cisco recently published a security advisory for vulnerabilities affecting Cisco ASA firewalls. The vulnerability has been given a Common Vulnerability Scoring System (CVSS) score of 10 (critical), which is the most severe rating.

Initially the advisory was confirmed to only affect firewalls which had Cisco AnyConnect remote access VPN enabled, however it was extended once additional vulnerabilities were discovered in the ASDM management interface.

CWCS will be installing updates for customers with Cisco ASA firewalls managed by CWCS. A reboot will be required to finalise the update, CWCS will contact customers when this is ready to be scheduled.

Colocation customers using their own Cisco ASA firewalls will need to obtain their own updates, this can either be through a support contract or by directly contacting Cisco TAC.

If you have any questions, please contact our support team on 0808 1 333 247 or submit a support ticket.


Read more »



Dec
19
Change Freeze
Posted by Julian Harse on 19 December 2017 11:10 AM

CWCS will be operating a change freeze from 21 December 2017 until 4 January 2018.

 

Non-essential works will not be scheduled during this period due to reduced staffing throughout the industry.


Read more »



Dec
8
Urgent Microsoft Patch - Remote Code Execution Vulnerability
Posted by Julian Harse on 08 December 2017 06:49 PM

Microsoft have issued an emergency patch for a vulnerability in Windows Defender (CVE-2017-11937) affecting Windows Server 2016 (and Windows desktops 7–10) which potentially allows an attacker to execute malicious code on a system and could allow them to take control of it.

The update is being deployed to customer servers with Gold or Platinum management by CWCS system administrators. Any customers without management should perform a Windows Update as soon as possible to ensure that their servers are up to date with the latest security patches.

If you would like to discuss this update or any concerns with our support team, please call 0808 133 3247 or submit a support ticket. CWCS support are on hand 24/7/365 days a year to assist with your enquiry.


Read more »



Mar
14
Vulnerability (CVE-2017-2636) has been discovered in the Linux kernel
Posted by Nicky Longden on 14 March 2017 06:45 PM

A vulnerability (CVE-2017-2636) has been discovered in the Linux kernel which allows unprivileged local users to escalate their privileges. Combined with a remote code execution vulnerability, such as a vulnerability in a web application, this could potentially allow a remote attacker to take over the system. More technical details can be found at http://www.openwall.com/lists/oss-security/2017/03/07/6. The vulnerability affects all recent versions of CentOS, Debian and Ubuntu, with the exception of CentOS 5. Fixes are already available for all currently supported releases of Debian and Ubuntu. When fixes are released for CentOS, this will be announced on the CentOS-announce mailing list (https://lists.centos.org/mailman/listinfo/centos-announce). We have already updated servers for our managed customers running Debian and Ubuntu, and will have been in touch to schedule reboots (as this is a kernel update, you are still vulnerable until you have rebooted). We will update managed CentOS servers as and when a fix is released. Please note that users of distributions that have reached the end of their support life (CentOS 4 and earlier, Debian 6 and earlier, any Ubuntu releases other than 12.04, 14.04, 16.04 and 16.10) are highly likely to be affected, but will not receive any security updates. We strongly recommend that users of such distributions contact us to discuss upgrade options as a matter of urgency. Please contact our sales team on 0800 1 777 000 if you would like to discuss your options.


Read more »



Jan
6

Remote code execution vulnerabilities have been discovered in the popular PHP mail sending libraries PHPMailer and SwiftMailer. Improper validation of email addresses potentially allows an attacker to execute arbitrary code as the user running PHP. These vulnerabilities could be employed for example to send out spam from the server, or to perform denial of service (DoS) attacks against other internet users. Combined with a local privilege escalation vulnerability or poorly set file permissions, they could also be used as a stepping stone to further compromise the server.

The vulnerabilities are fixed in PHPMailer version 5.2.20 and SwiftMailer version 5.4.5. It is highly recommended that all users upgrade to these or later versions as soon as possible. Note that an initial fix for PHPMailer, released as version 5.2.18, was found to be incomplete, so any server running this or version 5.2.19 is still vulnerable.

PHPMailer is used in many popular web applications, including Wordpress, Drupal and Joomla. If you run these or any other applications that include PHPMailer, you should install any updates as soon as they become available. If in doubt, contact the vendor and ask if they are vulnerable to any of the following CVEs, and if fixes are available:

CVE-2016-10033
CVE-2016-10045
CVE-2016-10074

More technical details of these vulnerabilities can be found
 by clicking on the relevant CVE above, or alternatively if you’d prefer to discuss this or any concerns with our support team, please call 0808 133 3247 or submit a support ticket.

 

CWCS advisors and support are on hand 24/7 365 days a year to assist with your enquiry.


Read more »



Nov
30
ICANN Domain Transfer Policy Update - 1 Dec 2016
Posted by Julian Harse on 30 November 2016 01:12 PM

On December 1, 2016, ICANN will enforce a new transfer policy that modifies the process of changing domain ownership from one registrant to another. The implementation of the policy is being imposed on all registrars including CWCS.

Up until now, this policy only covered domain transfers between registrars. The new policy now also covers the process of changing ownership of the domain from one entity to another (registrant to registrant). Now, every time a change of registrant takes place, a series of confirmation and approval emails are triggered. I.e. updates to a registrant’s first name, last name, organisation and email address and will require email approval before going into effect.

For more information, please see our FAQ.


Read more »