Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components

2020-02-25 Thread Stefan Kanthak
Hi @ll, since Microsoft Server 2003 R2, Microsoft dares to ship and install the abomination known as .NET Framework with every new version of Windows. Among other components, current versions of Windows and .NET Framework include C# compiler

Local information disclosure in OpenSMTPD (CVE-2020-8793)

2020-02-25 Thread Qualys Security Advisory
Qualys Security Advisory Local information disclosure in OpenSMTPD (CVE-2020-8793) == Contents == Summary Analysis Exploitation POKE 47196,

LPE and RCE in OpenSMTPD's default install (CVE-2020-8794)

2020-02-25 Thread Qualys Security Advisory
Qualys Security Advisory LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) == Contents == Summary Analysis ... Acknowledgments

[SECURITY] [DSA 4633-1] curl security update

2020-02-25 Thread Alessandro Ghedini
Debian Security Advisory DSA-4633-1 secur...@debian.org https://www.debian.org/security/ Alessandro Ghedini February 22, 2020

Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)

2020-02-25 Thread Jamie R
I've quoted the Cisco summary below as it's pretty accurate. tl;dr is an admin user on the web console can gain command execution and then escalate to root. If this is an issue in your environment, then please patch. Thanks to Cisco PSIRT who were responsive and professional. Shouts to Andrew,