Highlights and Updates

Adobe Releases Security Updates for Magento

Thursday, 25th June 2020

Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. An attacker could exploit one of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Adobe Security Bulletin APSB20-41 and apply the necessary updates.

VMware Releases Security Updates for Multiple Products

Wednesday, 24th June 2020

VMware has released security updates to address multiple vulnerabilities in VMware ESXi,Workstation, Fusion, and Cloud Foundation. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review VMware Security Advisory VMSA-2020-0015 and apply the necessary updates or workarounds.

Google Releases Security Updates for Chrome

Wednesday, 24th June 2020

Google has released Chrome version 83.0.4103.116 for Windows, Mac, and Linux. This version addresses a vulnerability that a remote attacker could exploit to cause a denial-of-service condition.

We encourage users and administrators to review the Chrome Release Note and apply the necessary updates.

Cisco Releases Multiple Security Updates

Thursday, 18th June 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

We encourage users and administrators to review the following Cisco advisories and apply the necessary updates:

·        Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability cisco-sa-webex-token-zPvEjKN

·        Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability cisco-sa-webex-client-url-fcmpdfVY

·        Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability cisco-sa-webex-client-mac-X7vp65BL

·        TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability cisco-sa-tp-cmd-inj-7ZpWhvZb

·        Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities cisco-sa-rv-routers-stack-vUxHmnNz

·        Small Business RV110W, RV130, RV130W, andRV215W Series Routers Management Interface Vulnerabilities cisco-sa-rv-routers-injection-tWC7krKQ

·        Small Business RV Series Routers Command Injection Vulnerabilities cisco-sa-rv-routers-Rj5JRfF8

Drupal Releases Security Updates

Thursday, 18th June 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.8, 8.9, and 9.0. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. 

We encourage users and administrators to review Drupal Advisories SA-CORE-2020-004 and SA-CORE-2020-005 for more information and to apply the necessary updates.

Adobe Releases Security Updates for Multiple Products

Wednesday, 17th June 2020

Adobe has released security updates to addressvulnerabilities in multiple products. An attacker could exploit some of thesevulnerabilities to take control of an affected system.

We encourage users and administrators to review the followingAdobe Security Bulletins and apply the necessary updates.

·        Campaign Classic APSB19-34

·        After Effects APSB20-35

·        Illustrator APSB20-37

·        Premiere Pro APSB20-38

·        Premiere Rush APSB20-39

·        Audition APSB20-40

VMware Releases Security Updates for VMware Directory Service

Wednesday, 10th June 2020

 

The June release of security updates addresses several remote code execution vulnerabilities in SharePoint, Excel, Windows OLE, and other services.

Microsoft today issued its Patch Tuesday updates for June 2020, fixing 129 vulnerabilities across its products and services.

Apple Releases Security Updates

Wednesday, 27th May 2020

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Apple security pages for the following products and apply the necessary updates:

  •          macOS Catalina10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
  •         Windows Migration Assistant 2.2.0.0
  •         Safari 13.1.1
  •         iCloud for Windows11.2
  •         iCloud for Windows7.19

Microsoft Releases Security Update for Edge

Saturday, 23rd May 2020

Microsoft has released a security update to address a vulnerability in Edge (Chromium-based). A remote attacker could exploit this vulnerability to write files to arbitrary locations and gain elevated privileges.

We encourage users and administrators to review Microsoft’s Security Advisory for CVE-2020-1195 and apply the necessary update.

Apple Releases Security Update for Xcode

Thursday, 21st May 2020

Apple has released a security update to address a vulnerability in Xcode. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review the Apple security page for Xcode 11.5 and apply the necessary update.