AWS

Initial Publication Date: 2021/01/26 2:11PM PST CVE Identifier: CVE-2021-3156 AWS is aware of the security issue recently disclosed by the open source community affecting the Linux "sudo" utility (CVE-2021-3156). This issue may permit unprivileged users to run privileged commands....

2015/07/28 - 6:00PM PST   AWS is aware of the recently reported Android security issues described in: CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828, CVE-2015-3829. These issues present a risk to all data present on your Android device, which may...

April 7, 2014 AWS is aware of the HeartBleed Bug (CVE-2014-0160) in OpenSSL and investigating any impact or required remediation. We will post back when we have more detail. April 8, 2014 Update: For the latest updates, please...

August 31, 2011 A new Internet worm has been reported that spreads via Microsoft's Remote Desk Protocol (RDP). This worm scans an infected host's subnet for other hosts running RDP and attempts access to them using a pre-configured set...

2015/07/21 - 12:35 PM PST - Update   AWS Elastic Beanstalk We have updated all Elastic Beanstalk Windows containers per MS15-JULY, as described at https://technet.microsoft.com/en-us/library/security/ms15-jul.aspx. Steps to migrate your existing environment to the updated version: 1. Log in...

2015/05/13 - 5:20 AM PDT   We are aware of the QEMU security issue assigned CVE-2015-3456, also known as "VENOM," which impacts various virtualized platforms. There is no risk to AWS customer data or instances. Information on the Xen-specific...

Initial Publication Date: 2020/10/23 5:00PM PST ----- AWS is aware of Xen Security Advisories XSA-286 (https://xenbits.xen.org/xsa/advisory-286.html), XSA-331 (https://xenbits.xen.org/xsa/advisory-331.html), XSA-332 (https://xenbits.xen.org/xsa/advisory-332.html), XSA-345 (https://xenbits.xen.org/xsa/advisory-345.html), XSA-346 (https://xenbits.xen.org/xsa/advisory-346.html), and XSA-347 (https://xenbits.xen.org/xsa/advisory-347.html) released by the Xen Security team on October 20th 2020. Xen...

Initial Publication Date: 2020/09/22 8:45AM PST CVE Identifier: CVE-2020-25595 AWS is aware of Xen Security Advisory 337 released by the Xen Security team on September 22nd 2020. Nitro based instances are not affected. The issue depends on PCI devices...

Initial Publication Date: 2020/09/22 8:45AM PST CVE Identifier: CVE-2020-25604 AWS is aware of Xen Security Advisory 336 released by the Xen Security team on September 22nd 2020. Nitro based instances are not affected. Under rare circumstances, a guest may be able...

Last Updated: 2020/07/09 6:30PM PDT CVE Identifier: CVE-2020-8558 This is an update for this issue. AWS is aware of a security issue, recently disclosed by the Kubernetes community, affecting Linux container networking (CVE-2020-8558). This issue may allow containers running...

February 18, 2011   An anonymous reporter has publicly announced a previously undisclosed vulnerability affecting the BROWSER protocol on Windows systems. In addition, the reporter has released proof-of-concept exploit code. Use of the code can...

Initial Publication Date: 2020/03/31 11:15AM PDT AWS is updating all AWS Federal Information Processing Standard (FIPS) endpoints to a minimum Transport Layer Security (TLS) version of 1.2 across all AWS Regions by March 31, 2021. This update will...