Member's Corner

Announcement

thumbnail

Perhatian: Tempoh “downtime” hanya memakan masa maksimum 15 minit dari tempoh sebenar “downtime” yang dijadualkan.

Dimaklumkan bahawa kemungkinan terdapat gangguan terhadap perkhidmatan yang berikut atas sebab-sebab penyelenggaraan sistem yang telah dijadualkan seperti di bawah.

thumbnail

Dear All Govt Users,

Please be informed that there will be a disruption to the following scheduled system maintenance as outlined below.

SERVICE AFFECTED
All Sabah Govt Services

thumbnail

Dear All Govt Users,

Please be informed that there will be a disruption to the following scheduled system maintenance as outlined below.

SERVICE AFFECTED
All Sabah Govt Services

thumbnail

Please be informed that there may be a disruption to the following services due to schedule planned maintenance as listed below:-

START DATE/ TIME
Sunday, 05th Jan 2020 (12:00am)

END DATE/ TIME
Sunday, 05th Jan 2020 (03:00am)

thumbnail

Please be informed that there may be a disruption to the following services due to schedule planned maintenance as listed below:-

START DATE/ TIME
Sunday, 22nd Dec 2019 (12:00am)

END DATE/ TIME
Sunday, 22nd Dec 2019 (03:00am)

Virus & Security Alert

Vulnerability Name Severity Advisory Date
December 2019 - Microsoft Releases Security Patches Microsoft addresses several vulnerabilities in its December security bulletin. Trend Micro Deep Security covers the following:

    CVE-2019-0617 - Jet Database Engine Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the Windows Jet Database engine in respect to handling objects in memory. Attackers looking to exploit this vulnerability must find a way to convince a user to open a specially crafted file.



    CVE-2019-1485 - VBScript Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by VBScript engine. Attackers looking to exploit this vulnerability must find a way to convince a user to access a malicious website where the exploit is hosted.



    CVE-2019-0853 - GDI Remote Code Execution Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper handling of objects by the Windows Graphics Device Interface (GDI). Attackers looking to exploit this vulnerability must find a way for a user to open a website that contains the exploit, or to open a specially crafted file via file-sharing.



    CVE-2019-1458 - Win32k Elevation of Privilege Vulnerability
    Risk Rating: Important

    This elevation of privilege vulnerability exists in the improper handling of objects by the the Win32k component in Windows. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted application.



    CVE-2019-1439 - Windows GDI Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclosure vulnerability exists in the improper handling of objects in memory by the Windows GDI component. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted document.



    CVE-2019-1117 - DirectWrite Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by the DirectWrite. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted document.



    CVE-2019-1118 - DirectWrite Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by the DirectWrite. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted document.



    CVE-2019-1119 - DirectWrite Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by the DirectWrite. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted document.



    CVE-2019-0959 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
    Risk Rating: Important

    This elevation of privilege vulnerability exists in the improper handling of objects in memory by the Windows Common Log File System. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted application.


.
Read More
11/12/2019
November 2019 - Microsoft Releases Security Patches Microsoft addresses several vulnerabilities in its November security bulletin. Trend Micro Deep Security covers the following:

    CVE-2019-1390 - BScript Remote Code Execution Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the VBScript engine in respect to handling objects in memory. Attackers looking to exploit this vulnerability must find a way to convince a user to access a malicious website where the exploit is hosted.



    CVE-2019-1429 - Scripting Engine Memory Corruption Vulnerability
    Risk Rating: Critical

    This elevation of privilege vulnerability exists in the improper handling of objects in memory by the scripting engine in Internet Explorer. Attackers looking to exploit this vulnerability must find a way to convince a user to access a malicious website where the exploit is hosted.



    CVE-2019-1359 - Jet Database Engine Remote Code Execution Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper handling of objects by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.



    CVE-2019-1358 - Jet Database Engine Remote Code Execution Vulnerability
    Risk Rating: Critical

    This remote code execution vulnerability exists in the improper handling of objects by the Windows Jet Database Engine. Attackers looking to exploit this vulnerability must find a way for a user to open a specially crafted file.



    CVE-2019-1311 - Windows Imaging API Remote Code Execution Vulnerability
    Risk Rating: Important

    This remote code execution vulnerability exists in the improper handling of objects in memory by the Windows Imaging API. Attackers looking to exploit this vulnerability must find a way for a user to execute a specially crafted .WIM file.


.
Read More
12/11/2019
February 2016 - Microsoft Releases 13 Security Advisories Microsoft addresses the following vulnerabilities in its February batch of patches:


(MS16-009) Cumulative Security Update for Internet Explorer (3134220)
Risk Rating: Critical

This security update resolves several vulnerabilities in Internet Explorer.The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website.
Read More
05/11/2019
March 2016 - Microsoft Releases 13 Security Advisories Microsoft addresses the following vulnerabilities in its March batch of patches:


(MS16-023) Cumulative Security Update for Internet Explorer (3142015)
Risk Rating: Critical

This security update resolves several vulnerabilities in Internet Explorer.The more severe of the vulnerabilities could allow remote code execution if a user visits a malicious website.
Read More
05/11/2019
Adobe Flash Player Vulnerability (CVE-2016-1019) This vulnerability, tagged as ‘critical’ is found in Adobe Flash Player 21.0.
Read More
05/11/2019
  • 24 x 7 Hotline

    088-234101

  • Tel (Working Hours)

    088-234101

  • Office Opening Hours:

    Mon - Fri: 8:00am - 5:00pm