Critical vulnerability in BIND and in Android devices running Android versions 2.2 through 5.1.1_r4.



Connectikpeople.co recalls that ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.
Updates available include:
  • BIND 9-version 9.9.7-P2
  • BIND 9-version 9.10.2-P3
Users and administrators are encouraged to review ISC Knowledge Base Article AA-01272 and apply the necessary updates.

Connectikpeople.co also recalls that, Android devices running Android versions 2.2 through 5.1.1_r4 contain vulnerabilities in the Stagefright media playback engine. Exploitation of these vulnerabilities may allow an attacker to access multimedia files or potentially take control of a vulnerable device.

Therefore, Users and administrators are encouraged to review Vulnerability Note VU#924951 for more information. 

US-CERT recommends affected Android users contact their wireless carrier or device manufacturer for a software update.

Popular Posts