Highlights and Updates

Cisco Releases Security Updates for Multiple Products

Wednesday, 15th July 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the following Cisco Advisories and apply the necessary updates. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

 

·        Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability cisco-sa-rv110w-static-cred-BMTWBWTy

·        Small Business RV110W,RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability cisco-sa-rv-rce-AQKREqp

·        RV110W, RV130,RV130W,and RV215W Routers Authentication Bypass Vulnerability cisco-sa-rv-auth-bypass-cGv9EruZ

·        RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability cisco-sa-code-exec-wH3BNFb

·        Cisco Prime License Manager Privilege Escalation Vulnerability cisco-sa-cisco-prime-priv-esc-HyhwdzBA

 

Oracle Releases July 2020 Security Bulletin

Tuesday, 14th July 2020

Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Oracle July 2020 Critical Patch Update and apply the necessary updates.

Google Releases Security Updates for Chrome

Tuesday, 14th July 2020

Google has releasedChrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addressesvulnerabilities that an attacker could exploit to take control of an affectedsystem.

We encourage users andadministrators to review the Chrome Release and apply the necessary updates.

Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server

Tuesday, 14th July 2020

Microsoft has released a security update to address a remote code execution (RCE)vulnerability—CVE-2020-1350—in Windows DNS Server. A remote attacker could exploit this vulnerability to take control of an affected system. This is considered a “wormable” vulnerability that affects all Windows Server versions.

We encourage users and administrators to review Microsoft’s Security Advisory and Blog for more information,and apply the necessary update and workaround.

Microsoft Releases July 2020 Security Updates

Monday, 13th July 2020

Microsoft has releasedupdates to address multiple vulnerabilities in Microsoft software. A remoteattacker could exploit some of these vulnerabilities to take control of anaffected system.

We encourage users andadministrators to review Microsoft’s July 2020 Security Update Summary andDeployment Information and apply the necessary updates.

Adobe Releases Security Updates for Multiple Products

Monday, 13th July 2020

Adobe has releasedsecurity updates to address vulnerabilities in multiple Adobe products. Anattacker could exploit some of these vulnerabilities to take control of anaffected system.

We encourage users andadministrators to review the following Adobe Security Bulletins and apply thenecessary updates.

·        Download ManagerAPSB20-49

·        ColdFusion APSB20-43

·        Genuine ServiceAPSB20-42

·        Media EncoderAPSB20-36

·        Creative Cloud DesktopApplication APSB20-33

VMware Releases Security Update for VeloCloud

Wednesday, 8th July 2020

VMware has released a security update to address a vulnerability in VeloCloud. An attacker could exploit this vulnerability to obtain sensitive information.

We encourage users and administrators to review VMware Security Advisory VMSA-2020-0016 and apply the necessary update.

Citrix Releases Security Updates

Tuesday, 7th July 2020

Citrix has released security updates to address vulnerabilities in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP appliance. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We recommend users and administrators review Citrix Security Bulletin CTX276688,  as well as the Citrix blog post, Citrix provides context on Security Bulletin CTX276688, and apply the necessary updates as soon as possible.

Mozilla Releases Security Updates for Firefox and Firefox ESR

Thursday, 2nd July 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Mozilla Security Advisories for Firefox 78 and Firefox ESR 68.10 and apply the necessary updates.

Microsoft Releases Security Updates for Windows 10, Windows Server

Wednesday, 1st July 2020

Microsoft has released security updates to address vulnerabilities in Windows 10 and Windows Server.These vulnerabilities could allow a remote attacker to take control of an affected system.

We encourage users and administrators to review the Microsoft security advisories for CVE-2020-1425 and CVE-2020-1457 and apply the necessary updates.