F5 BIG-IP icon   F5 BIG-IP – Vulnerability!! CVE-2020-5902 – Remote Code Execution (RCE)



Security Advisory Description

The Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. (CVE-2020-5902)

Description

This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the Configuration utility, through the BIG-IP management port and/or self IPs, to execute arbitrary system commandsRead more

   Exchange – Update to fix escalation privilege vulnerability



Due to the vulnerability that allows privilege escalation I wrote about in this post, Microsoft has released a cumulative update for all supported versions of Exchange Server (Exchange 2010, 2013, 2016 and 2019).

Read more

Windows   Windows – .NET Framework 4.7.1 install stuck / hangs



I needed to install .NET 4.7.1 to allow updating Exchange 2013 to CU 21.
This is the installer I downloaded and tried to install: https://www.microsoft.com/en-us/download/details.aspx?id=56116

But the installation never ends. It remains stuck without progressing in the “Installation progress” bar. Tested both with offline and online installation:
Windows - .NET Framework 4.7.1 install stuck hangs

To install .NET Framework 4.7.1 download the msu package from the following link:… Read more

Lync   Lync – Update Lync Phone Edition devices



This post explains the steps to perform an update of the Lync Phone Edition device.
In this scenario the phone is a HP4120 connected to Lync Server 2010.

Download and extract the last update

My Lync phone devices actual version is 4.0.7577.4451
Lync Phone Edition HP4120 4.0.7577.4451

There is version I can update to so I have downloaded the 4.0.7577.4487 Lync Phone Edition version for … Read more