Threat Advisory: Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
September 17, 2018
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system.
Herjavec Group encourages users and administrators to review MS-ISAC Advisory 2018-101 and the PHP Downloads page and apply the necessary updates.
Additional Context:
PHP lives in almost every environment in today’s cyber landscape. The advisory outlines a broad set of vulnerabilities affecting multiple versions of PHP. While there has not been any evidence of adversaries using these vulnerabilities to date we recommend that all users and administrators:
- Verify last code changes to PHP sites prior to patching
- Verify PHP level of access
- Update all affected servers
PHP Vulnerability Example:
An adversary compromises lumberyard[.]com with expectations that users from treelogging[.]com will visit the site. The adversary can then use lumberyard[.]com site to further compromise additional treelogging[.]com users and assets. In this example we strongly recommend users not click on unsolicited links.
To learn more about how Herjavec Group can help you secure your environment, please connect with a security specialist.
Herjavec Group circulates US – Cert advisories as this notification warrants attention and may have significance to your Enterprise network environment. If the following advisory is applicable to your environment, Herjavec Group recommends your IT team review the technical details included and monitor your environment for any susceptible systems. Herjavec Group’s analysts are working with applicable vendor partners to apply detection and mitigation strategies where appropriate. For Managed Services customers, our Managed Services team will engage with the appropriate technical contacts in your respective organizations directly to provide alerts, escalations, actions and or reports based our service agreement with you. If you have questions or concerns, please engage your Herjavec Group account representative directly or contact Herjavec Group.