EZB Systems UltraISO

EZB Systems released an update to address a buffer overflow vulnerability, CVE-2017-2840, in UltraISO, an ISO image creator software. Successful exploitation of this vulnerability could allow a remote threat actor to execute arbitrary code on the targeted system when a specific ISO image file is opened and parsed by the UltraISO software. The NJCCIC recommends users and administrators review the Talos Group's analysis and update to UltraISO version 9.7.