Saturday, April 30, 2022

VMware horizon client upgrade and reinstall handling when you using Cisco JVDI client

  1. If you upgrade Horizon client from 5.x to 8.x, no action is required on Cisco JVDI client
  2. If you uninstall/reinstall Horizon client, you need to reinstall Cisco JVDI client after the Horizon client being uninstall / reinstall.

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 2:49 PM 0 comments
Labels: , , , ,

Tuesday, April 26, 2022

After upgrade to VMware 8 (2111)- Zoom on VDI - need to upgrade zoom VMware media plugin on the physical machine

VMware Horizon 8 2111 is an Extended Service Branch (ESB), after you upgrade the infra, if you upgrade your horizon client from 5.x (Horizon 7), to 8.x (e.g. 8.41 (2111)) or 8.5 (2203)). You need to also upgrade your Zoom Plug-in on client for VMware Horizon. Otherwise, your Zoom running on your VDI have many malfunctioning.

 

Zoom Plug-in on client for VMware Horizon

https://zoom.us/download/vdi/5.10.2/ZoomVmwareMediaPlugin.msi

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 11:00 PM 0 comments
Labels: , , , , ,

Information Security - Infohub in mainland China

《安全内参》是专注于网络安全产业发展和行业应用的高端智库平台,依托于专业的安全团队和国内外产业和行业智库的专家团队,为网络安全相关政府主管、行业、企业和机构的管理者、决策者和从业者提供全球视野、高价值的安全知识和安全智慧,致力于成为网络安全首席知识官。

https://www.secrss.com/ 

 

 

安全牛是中国网络安全领域的专业媒体和旗舰智库,精确定位并服务于CISO/CSO/CTO/CIO决策者人群,向国内企业的决策管理者以及IT专业人士提供独立客观、高品质、有价值的战略性网络安全内容。安全牛致力于推动中国企业跨越"安全鸿沟",促进中国网络安全产业的健康发展。

https://www.aqniu.com/# 

 

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 10:59 PM 0 comments
Labels: , , ,

Tuesday, April 19, 2022

CVE-2022-29072 - 7 zip zero-day vulnerability

7-Zip through 21.07 (The latest release until 4/19/2022) on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.

 

Workaround:

Delete the 7-zip.chm file in the 7-Zip installation directory

 

 

Reference:

https://securityonline.info/cve-2022-29072-7-zip-privilege-escalation-vulnerability/

https://github.com/kagancapar/CVE-2022-29072#mitigations

https://www.ghacks.net/2022/04/18/workaround-for-security-issue-in-7-zip-until-it-is-fixed/

https://vuldb.com/zh/?id.197545

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 12:36 AM 0 comments
Labels: , ,

Saturday, April 2, 2022

Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF (CVE-2022-22963 / CVE-2022-22965)

Guidance for reducing Spring4Shell security vulnerability risk with Citrix WAF | Citrix Blogs

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 11:18 PM 0 comments
Labels: , , , , ,

深信服 - 漏洞二次通告 :Spring Framework远程代码执行漏洞CVE-2022-22965

 

漏洞二次通告 Spring Framework远程代码执行漏洞CVE-2022-22965 (kdzl.cn)

 

修复建议参考《Spring Framework远程代码执行漏洞CVE-2022-22965响应通告》

报告下载地址:

https://edr.sangfor.com.cn//api/download/Spring%20Framework%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9ECVE-2022-22965%E5%93%8D%E5%BA%94%E9%80%9A%E5%91%8A.pdf

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 11:09 PM 0 comments
Labels: , ,

McAfee IPS - Network Security Platform (NSP) User-Defined Signature: CVE Number: CVE-2022-22963 and CVE-2022-22965

Coverage for Spring Cloud Vulnerability (CVE-2022-22963), Spring Beans Vulnerability (CVE-2022-22965), and Spring Expression Vulnerability (CVE-2022-22950)

 

https://kc.mcafee.com/corporate/index?page=content&id=KB95447&locale=en_US

 

 

Print Friendly and PDF
Share/Bookmark
Posted by Billy Fung at 9:52 PM 0 comments
Labels: , , , , , ,
Subscribe to: Posts (Atom)