Highlights and Updates

VMware Releases Security Updates for VMware Directory Service

Wednesday, 10th June 2020

 

The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.

Microsoft today issued its Patch Tuesday updates for June 2020, fixing 129 vulnerabilities across its products and services.

Apple Releases Security Updates

Wednesday, 27th May 2020

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Apple security pages for the following products and apply the necessary updates:

  •          macOS Catalina10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
  •         Windows Migration Assistant 2.2.0.0
  •         Safari 13.1.1
  •         iCloud for Windows11.2
  •         iCloud for Windows7.19

Microsoft Releases Security Update for Edge

Saturday, 23rd May 2020

Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). A remote attacker could exploit this vulnerability to write files to arbitrary locations and gain elevated privileges.

We encourage users and administrators to review Microsoft’s Security Advisory for CVE-2020-1195 and apply the necessary update.

Apple Releases Security Update for Xcode

Thursday, 21st May 2020

Apple has released a security update to address a vulnerability in Xcode. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review the Apple security page for Xcode 11.5 and apply the necessary update.

Drupal Releases Security Updates

Wednesday, 20th May 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.7, and 8.8. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Drupal Advisories SA-CORE-2020-002 and SA-CORE-2020-003 for more information and to apply the necessary updates.

Microsoft Releases May 2020 Security Updates

Wednesday, 13th May 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Microsoft’s May 2020 Security Update Summary and Deployment Information and apply the necessary updates.

Adobe Releases Security Updates

Tuesday, 12th May 2020

Adobe has released security updates to address vulnerabilities affecting Adobe DNG Software Development Kit, Acrobat, and Reader. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Adobe Security Bulletin APSB20-24 and APSB20-26 and apply the necessary updates.

VMware Publishes Workarounds for Vulnerabilities in vRealize Operations Manager

Tuesday, 12th May 2020

VMware has published workarounds to address unpatched vulnerabilities in vRealize Operations Manager(vROps). A remote attacker could exploit these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the VMware Security Advisory and apply the necessary mitigations.

OpenSSL Releases Security Update

Thursday, 23rd April 2020

OpenSSL version 1.1.1g has been released to address a vulnerability affecting versions 1.1.1d–1.1.1f. An attacker could exploit this vulnerability to cause a denial-of-service condition.

We encourage users and administrators to review the OpenSSL Security Advisory and apply the necessary update. 

Microsoft Releases Security Updates for Multiple Products

Wednesday, 22nd April 2020

Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365ProPlus, and Paint 3D. A remote attacker can exploit these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Microsoft Advisory ADV200004 and apply the necessary updates.