Bohops

Name of the Vulnerable Software and Affected Versions: Windows Security App (affected versions not specified) Description: The Windows Security App contains a flaw related to external control of file names or paths. This allows an authorized attacker to perform local spoofing. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bitdefender Antivirus for Mac (affected versions not specified) **Description** A vulnerability in the AntivirusforMac binary allows an attacker to inject a library using the DYLD environment variable, leading to third-party code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Server 2016 Windows 10 Windows Server 2019 Windows 10 Servers **Description** The issue is related to a security feature bypass in the Device Guard component of the Windows operating system, which is caused by errors in security settings. This could allow a local attacker to inject arbitrary code into a Windows PowerShell session. **Recommendations** For Windows Server 2016, update the Device Guard settings to prevent code injection. For Windows 10, apply the necessary security patches to fix the bypass vulnerability. For Windows Server 2019, modify the code integrity policy to prevent malicious code injection. For Windows 10 Servers, restrict access to the Windows PowerShell session until the issue is resolved.