Highlights and Updates

VMware Releases Security Updates

Friday, 9th November 2018

VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the VMware Security Advisory VMSA-2018-0027 and apply the necessary updates.

Cisco Releases Security Updates

Wednesday, 7th November 2018

hese vulnerabilities to take control of an affected system.

We encourage users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Apache Releases Security Advisory for Apache Struts

Monday, 5th November 2018

The Apache Software Foundation has released an advisory to address a vulnerable commons-fileupload library used in Apache Struts versions 2.3.36 and prior. A remote attacker could exploit this vulnerability to take control of an affected system. Struts versions from 2.5.12 are not affected.

We encourage users and administrators of Apache Struts versions 2.3.36 and prior to review the Apache security advisory for CVE-2016-1000031 and upgrade to the latest released version of Commons FileUpload library, which is currently 1.3.3.

Mozilla Releases Security Update for Thunderbird ESR

Wednesday, 31st October 2018

Mozilla has released a security update to address vulnerabilities in Thunderbird ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Mozilla Security Advisory for Thunderbird ESR 60.3 and apply the necessary update.

Apache Releases Security Update for Apache Tomcat JK Connectors

Wednesday, 31st October 2018

The Apache Software Foundation has released a security update to address a vulnerability affecting Apache Tomcat JK Connectors 1.2.0 to 1.2.44. A remote attacker could exploit this vulnerability to obtain access to sensitive information.

We encourage users and administrators to review the Apache security advisory for CVE-2018-11759 and apply the necessary update or mitigation.

Apple Releases Multiple Security Updates

Tuesday, 30th October 2018

We encourage users and administrators to review the Apple security pages for the following products and apply the necessary updates:

Mozilla Releases Security Updates for Firefox

Tuesday, 23rd October 2018

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Mozilla Security Advisories for Firefox 63 and Firefox ESR 60.3 and apply the necessary updates.

libssh Releases Security Updates

Friday, 19th October 2018

libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review the libssh Security Release for additional information and apply the necessary updates

Drupal Releases Security Updates

Thursday, 18th October 2018

Drupal has released security updates addressing multiple vulnerabilities in Drupal 7.x and 8.x. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Drupal's Security Advisory and apply the necessary updates.

Cisco Releases Security Updates for Multiple Products

Thursday, 27th September 2018

Cisco has released several updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Cisco Security Advisories and Alerts webpage and apply the necessary updates.