1. You are here:  
  2. Home
  3. Services
  4. Online Advisories & Alerts

Online Advisories & Alerts

CERT VU advisories & alerts disclose current reported cyber security vulnerabilities and threats identified in Vanuatu. The advisories deliver provide a summary of the threat analysed. Descriptions of the threat reported and mitigation procedures are provided as part of the advisory on how to mitigate the threats to minimise their impacts. Finally, a Traffic Light Protocol (TLP: Colour – See guides page for more information) indicator to show the level or information security and sharing rights.

Advisory 20

TLP Rating: Clear

Vulnerability in the Microsoft Support Diagnostic Tool (MSDT).

CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provides the following advisory.

On the 31st May 2022, Microsoft disclosed a remote code execution (RCE) vulnerability in the Microsoft Support Diagnostic Tool (MSDT). CERT Vanuatu has received an advisory from its collaborating partners the Australia Cyber Security Centre (ACSC) and the United Stated Cybersecurity Infrastructure Security Agency (CISA) of this threat.

Advisory 19

TLP Rating: Clear

Text Message Scam.

CERT Vanuatu and the Office of the Chief Information Officer (OGCIO) provides the following advisory.

 CERT Vanuatu (CERTVU) office has received reports from Digicel Limited in regarding the above-mentioned attacks on its constituents using Digicel Mobile Network. Therefore, CERTVU is putting out this advisory for all it’s constituents using Digicel Network who could become victims to this attack.

Advisory 18

TLP Rating: Clear

Critical vulnerabilities identified in Microsoft Office (Excel _CVE-2021-42292).

CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provides the following advisory by its international partners.

CERTVU office would like to advise it’s constituents on critical vulnerabilities identified in locally installed versions of Microsoft Excel which allows a cyber-actor to bypass a key security control.

 

Advisory 17

TLP Rating: Clear

Apple iMessage vulnerability targeted by attackers

CERT Vanuatu (CERTVU) and the Office of the Chief Information was alerted of this vulnerabilities by its international partners.

The CERTVU office would like to advise users that apple has released a software update for iOS, macOS and watchOS due to vulnerabilities discovered.

 

Advisory 16

TLP Rating: Clear

On-Premises Exchange Server Vulnerabilities - CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

CERT Vanuatu (CERTVU) and the Office of the Government Information Officer was alerted of these vulnerabilities by its international partners.

The CERTVU office would like to advise institutions and corporate companies with on-premises Exchange Servers. Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of MS Exchange servers in limited and targeted attacks.

Advisory 15

TLP Rating: Clear

Urgent Microsoft Exchange security update released.

CERT Vanuatu (CERTVU) and the Office of the Chief Information was alerted of this vulnerabilities by its international partners.

The CERTVU office would like to advise it’s constituents on possible critical vulnerabilities in Microsoft Exchange. Microsoft has released an urgent update for Exchange Server due to response to Exchange Servers being actively attacked by a sophisticated threat actor. Institutions and companies running Microsoft Exchange Servers are urged to patch these servers immediately.