Hello everyone：
Forward the vulnerability warning announcement of the National Information Security Research Institute, and ask colleagues to confirm and update or patch it as soon as possible to reduce related information security risks.

1. OpenSSH has a high-risk security vulnerability (CVE-2024-6387)
  ■ Researchers have discovered that OpenSSH has a race condition vulnerability (CVE-2024-6387), which allows unauthenticated remote attackers to use this vulnerability to execute arbitrary code. This vulnerability has been exploited by hackers. Please try to Confirm and fix quickly.
  ■ Disposal suggestion: Please upgrade OpenSSH to version 9.8p1 (inclusive) or above.

2. GeoServer has a high-risk security vulnerability (CVE-2024-36401)
  ■ Researchers discovered that GeoServer has a code injection vulnerability (CVE-2024-36401). An unauthenticated remote attacker can use this vulnerability to remotely execute arbitrary code. The proof of concept (PoC) of this vulnerability has been made public. Please confirm and patch it as soon as possible.
  ■ Disposal suggestions:
  The official has released a fix update for the vulnerability. Please refer to the official instructions to update. Link: https://github.com/advisories/GHSA-6jj6-gm7p-fcvv 

3. Microsoft Windows MSHTML Platform has a high-risk security vulnerability (CVE-2024-38112)
  ■ Researchers have discovered a Remote Code Execution vulnerability (CVE-2024-38112) in the Microsoft Windows MSHTML Platform, which allows unauthenticated remote attackers to trick users into downloading malicious files and then use this vulnerability to execute arbitrary commands. Program code. This vulnerability has been exploited by hackers, please confirm and patch it as soon as possible.
  ■ Disposal suggestions:
  The official has released a fix update for the vulnerability. Please refer to the official instructions to update. 
  Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112 

4. Microsoft Windows Hyper-V has a high-risk security vulnerability (CVE-2024-38080)
  ■ Researchers have discovered that Microsoft Windows Hyper-V has a Local Privilege Escalation vulnerability (CVE-2024-38080). A local-side attacker who has obtained general privileges can use this vulnerability to escalate to system privileges. This vulnerability has been exploited by hackers, please confirm and patch it as soon as possible.
  ■ Disposal suggestions:
  The official has released a fix update for the vulnerability. Please refer to the official instructions to update.
  Link: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38080 

5. Related Articles:
  ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1283/
  ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1284/ 
  ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1286/
  ■ https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1287/

For more question about information security, please directly consult with Computer Center, at rogeryu@mail.ntust.edu.tw or applechang@mail.ntust.edu.tw