Highlights and Updates

Oracle Releases Security Alert

Monday, 13th August 2018

Oracle has released a security alert to address a vulnerability in multiple versions of Oracle Database. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review the Oracle Security Alert(link is external) and the Multi-State Information Sharing & Analysis Center Advisory 2018-089 for more information and apply the necessary update.

VMware Releases Security Updates

Tuesday, 7th August 2018

VMware has released security updates to address a vulnerability in Horizon 6, 7, and Horizon Client for Windows. An attacker could exploit this vulnerability to obtain sensitive information.

We encourage users and administrators to review the VMware Security Advisory VMSA-2018-0019(link is external) and apply the necessary updates.

Linux Kernel Vulnerability

Monday, 6th August 2018

UG-CERT is aware of a Linux kernel vulnerability affecting Linux versions 4.9 and greater. An attacker could exploit this vulnerability to cause a denial-of-service condition.

We encourage users and administrators to review the Vulnerability Note VU #962459 and apply the necessary updates.

Mozilla Releases Security Update for Thunderbird

Monday, 6th August 2018

Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Mozilla Security Advisory for Thunderbird 60 and apply the necessary update.

Drupal Releases Security Update

Thursday, 2nd August 2018

Drupal has released a security update addressing a vulnerability in Drupal 8.x. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review Drupal's Security Advisory and apply the necessary update.

Cisco Releases Security Update

Wednesday, 1st August 2018

Cisco has released a security update to address a vulnerability in Cisco Prime Collaboration Provisioning. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

We encourage users and administrators to review the Cisco Security Advisory(link is external) and apply the necessary update

Google Releases Security Update for Chrome

Tuesday, 24th July 2018
Google has released Chrome version 68.0.3440.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

Bluetooth Vulnerability

Monday, 23rd July 2018
Ug-CERT is aware of a vulnerability affecting Bluetooth firmware and operating system software drivers. A remote attacker could exploit this vulnerability to obtain sensitive information.

Apache Releases Security Updates for Apache Tomcat

Monday, 23rd July 2018
The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.

VMware Releases Security Updates

Saturday, 30th June 2018

VMware has released security updates to address vulnerabilities in VMware ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to obtain sensitive information.

We encourage users and administrators to review the VMware Security Advisory VMSA-2018-0016(link is external) and apply the necessary updates.