www/proprietary proprietary-insecurity.html mal...

www-commits
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-insecurity.html mal...

From:	Ali Reza Hayati
Subject:	www/proprietary proprietary-insecurity.html mal...
Date:	Fri, 16 Apr 2021 13:20:11 -0400 (EDT)
CVSROOT:        /web/www
Module name:    www
Changes by:     Ali Reza Hayati <arh>   21/04/16 13:20:11

Modified files:
        proprietary    : proprietary-insecurity.html 
                         malware-in-online-conferencing.html 
                         proprietary.html 
        proprietary/workshop: mal.rec 

Log message:
        Added item about Zoom's zero-day insecurity (www-discuss 2021-04-12)

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.154&r2=1.155
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-in-online-conferencing.html?cvsroot=www&r1=1.12&r2=1.13
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary.html?cvsroot=www&r1=1.325&r2=1.326
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/workshop/mal.rec?cvsroot=www&r1=1.328&r2=1.329

Patches:
Index: proprietary-insecurity.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.154
retrieving revision 1.155
diff -u -b -r1.154 -r1.155
--- proprietary-insecurity.html 16 Mar 2021 18:06:36 -0000      1.154
+++ proprietary-insecurity.html 16 Apr 2021 17:20:11 -0000      1.155
@@ -76,6 +76,17 @@
 <div class="column-limit" id="proprietary-insecurity"></div>
 
 <ul class="blurbs">
+  <li id="M202104090">
+    <!--#set var="DATE" value='<small class="date-tag">2021-04</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>A zero-day vulnerability in Zoom which <a
+    
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/";>can
+    be used to launch remote code execution (RCE) attacks</a> has been
+    disclosed by researchers. The researchers demonstrated a three-bug
+    attack chain that caused an RCE on a target machine, and all without
+    any form of user interaction.</p>
+  </li>
+
   <li id="M202103090">
     <!--#set var="DATE" value='<small class="date-tag">2021-03</small>'
     --><!--#echo encoding="none" var="DATE" -->
@@ -1076,7 +1087,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2021/03/16 18:06:36 $
+$Date: 2021/04/16 17:20:11 $
 <!-- timestamp end -->
 </p>
 </div>

Index: malware-in-online-conferencing.html
===================================================================
RCS file: /web/www/www/proprietary/malware-in-online-conferencing.html,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -b -r1.12 -r1.13
--- malware-in-online-conferencing.html 15 Mar 2021 11:09:51 -0000      1.12
+++ malware-in-online-conferencing.html 16 Apr 2021 17:20:11 -0000      1.13
@@ -65,6 +65,17 @@
 <div class="column-limit" id="malware-in-online-conferencing"></div>
 
 <ul class="blurbs">
+  <li id="M202104090">
+    <!--#set var="DATE" value='<small class="date-tag">2021-04</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>A zero-day vulnerability in Zoom which <a
+    
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/";>can
+    be used to launch remote code execution (RCE) attacks</a> has been
+    disclosed by researchers. The researchers demonstrated a three-bug
+    attack chain that caused an RCE on a target machine, and all without
+    any form of user interaction.</p>
+  </li>
+
   <li id="M202012190">
     <!--#set var="DATE" value='<small class="date-tag">2020-12</small>'
     --><!--#echo encoding="none" var="DATE" -->
@@ -202,7 +213,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2021/03/15 11:09:51 $
+$Date: 2021/04/16 17:20:11 $
 <!-- timestamp end -->
 </p>
 </div>

Index: proprietary.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary.html,v
retrieving revision 1.325
retrieving revision 1.326
diff -u -b -r1.325 -r1.326
--- proprietary.html    15 Apr 2021 18:49:25 -0000      1.325
+++ proprietary.html    16 Apr 2021 17:20:11 -0000      1.326
@@ -186,6 +186,17 @@
 <h3 id="latest">Latest additions</h3>
 
 <ul class="blurbs">
+  <li id="M202104090">
+    <!--#set var="DATE" value='<small class="date-tag">2021-04</small>'
+    --><!--#echo encoding="none" var="DATE" -->
+    <p>A zero-day vulnerability in Zoom which <a
+    
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/";>can
+    be used to launch remote code execution (RCE) attacks</a> has been
+    disclosed by researchers. The researchers demonstrated a three-bug
+    attack chain that caused an RCE on a target machine, and all without
+    any form of user interaction.</p>
+  </li>
+
   <li id="M202102160">
     <!--#set var="DATE" value='<small class="date-tag">2021-02</small>'
     --><!--#echo encoding="none" var="DATE" -->
@@ -242,19 +253,6 @@
     wrongly refers to crackers as &ldquo;<a
     
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>&rdquo;.</small></p>
   </li>
-
-  <li id="M202010282">
-    <!--#set var="DATE" value='<small class="date-tag">2020-10</small>'
-    --><!--#echo encoding="none" var="DATE" -->
-    <p>TV manufacturers are turning to produce only
-    &ldquo;Smart&rdquo; TV sets (which include spyware) that <a
-    href="https://frame.work/blog/in-defense-of-dumb-tvs";>it's now very
-    hard to find a TV that doesn't spy on you</a>.</p>
-
-    <p>It appears that those manufacturers business model is not to produce
-    TV and sell them for money, but to collect your personal data and
-    (possibly) hand over them to others for benefit.</p>
-  </li>
 </ul>
 
 </div>
@@ -317,7 +315,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2021/04/15 18:49:25 $
+$Date: 2021/04/16 17:20:11 $
 <!-- timestamp end -->
 </p>
 </div>

Index: workshop/mal.rec
===================================================================
RCS file: /web/www/www/proprietary/workshop/mal.rec,v
retrieving revision 1.328
retrieving revision 1.329
diff -u -b -r1.328 -r1.329
--- workshop/mal.rec    15 Apr 2021 18:49:26 -0000      1.328
+++ workshop/mal.rec    16 Apr 2021 17:20:11 -0000      1.329
@@ -24,6 +24,20 @@
 ####    Please don't remove the blank line after this marker!    ####
 # ADD NEW BLURB HERE
 
+Added: 2021-04-16
+Id: 202104090
+RT: www-discuss 2021-04-12
+PubDate: 2021-04-09
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-in-online-conferencing.html malware-in-online-conferencing
+Keywords: Zoom, Conferencing, Insecurity
+Blurb: <p>A zero-day vulnerability in Zoom which <a
++   
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/";>can
++   be used to launch remote code execution (RCE) attacks</a> has been
++   disclosed by researchers. The researchers demonstrated a three-bug
++   attack chain that caused an RCE on a target machine, and all without
++   any form of user interaction.</p>
+
 Added: 2021-04-11
 Id: 202007020
 RT: www-discuss 2021-04-08
[Prev in Thread]
Current Thread
[Next in Thread]
www/proprietary proprietary-insecurity.html mal..., Ali Reza Hayati <=
Prev by Date: www/server sitemap.ar.html sitemap.de.html site...
Next by Date: www/proprietary/po de.po es.po fr.po it.po ja.p...
Previous by thread: www/server sitemap.ar.html sitemap.de.html site...
Next by thread: www proprietary/po/ru.po server/po/sitemap.ru.po
Index(es):
- Date
- Thread