Load Value Injection / CVE-2020-0551 / INTEL-SA-00334

Name Load Value Injection / CVE-2020-0551 / INTEL-SA-00334 Tracking Number 2019-002 First Publish Date 25 Mar 2020 Date of Current Status 15 Apr 2020 Next Planned Update N/A Description A vulnerability in Intel processors with SGX (Intel Software Guard Extensions) potentially could allow exfiltration of data from SGX enclaves. What You Need To Know? Security […]

Microsoft Security Advisory ADV190023 LDAP

Name Microsoft Security Advisory ADV190023 LDAP Tracking Number NA First Publish Date 24 Feb 2020 Date of Current Status 26 Mar 2020 Next Planned Update N/A Description LDAP channel binding and LDAP signing provide ways to increase the security of network communications between an Active Directory Domain Services (AD DS) or an Active Directory Lightweight […]

Microsoft Windows 7 Embedded System OS End of Security Updates: What You Need to Know

Name: Microsoft Windows 7 Embedded System OS End of Security Updates: What You Need to Know Tracking Number 2020-001 First Publish Date 13 Jan 2020 Date of Current Status 13 Jan 2020 Next Planned Update NA Description End of support for Microsoft Windows 7 Embedded Systems Operating System (FES) running on Xerox products with EFI […]

Wind River VXWorks IPnet TCP/IP STACK Vulnerabilities

Name Wind River VXWorks IPnet TCP/IP STACK Vulnerabilities Tracking Number 2019-001 First Publish Date 29 Jul 2019 Date of Current Status 24 Apr 2020 Next Planned Update N/A Description A number of vulnerabilities in Wind River’s VXWorks IPnet TCP/IP Stack implementation have been reported. These vulnerabilities could allow attackers to hijack existing TCP sessions to […]

Xerox Security Summit Named Top Security Event of 2018

Award Announcement Xerox has long been a leader in sounding the alarm for and addressing security concerns in the print infrastructure, which increasingly is connected to the Internet to enable cloud-based work processes and mobile printing. Now Xerox is being recognized by Channelnomics, a trade publication that covers the business of selling through indirect channels. […]

Fax Vulnerability Affecting HP Printers

Name: Fax Vulnerability Affecting HP Printers Tracking Number 2018-002 First Publish Date 15-Aug-18 Date of Current Status 23-Aug-18 Next Planned Update NA Description Embedded fax may be vulnerable to remote code execution flaws What you need to know? Check Point Research were able to gain access using a phone line to send a fax that […]

Helpful Tips to make your Xerox device more secure

Xerox recommends the following to help protect your Xerox device: Don’t connect your Xerox device directly to the public Internet. Make sure it’s behind a firewall or router so that only you and your users have access to it. This helps keep outsiders from accessing the machine and interrupting your business. Change default passwords on […]

Spectre & Meltdown CPU Vulnerabilities

  Name: Name Spectre & Meltdown CPU Vulnerabilities Tracking Number 2018-001 First Publish Date 5-Jan-2018 Date of Current Status 29-Mar-2018 Description Vulnerabilities in select CPU vendors potentially could allow access to protected memory. What You Need to Know? Security researchers reported flaws in CPUs that may allow an attacker with local user access the ability […]

Xerox® AltaLink® Devices Achieve Common Criteria Certification

Name Xerox AltaLink Devices Achieve Common Criteria Certification Tracking Number 2017-015 Publish Date 8-Dec-17 Announcement On November 20, 2017, the AltaLink B8000 Series and AltaLink C8000 Series received National Information Assurance Partnership’s (NIAP) certification against the latest Common Criteria security protection profile for hardcopy devices. Xerox ConnectKey Technology-enabled AltaLink devices are the first multifunction printers […]

Vulnerability in WPA2 Affects WiFi

A researcher released a description and proof of concept code that takes advantage of a previously-unknown flaw in WPA2.

Mirai botnet attack

A recent Distributed Denial of Service (DDOS) attack has been attributed to the Mirai botnet.