Highlights and Updates

VMware Releases Security Update for VeloCloud

Wednesday, 8th July 2020

VMware has released a security update to address a vulnerability in VeloCloud. An attacker could exploit this vulnerability to obtain sensitive information.

We encourage users and administrators to review VMware Security Advisory VMSA-2020-0016 and apply the necessary update.

Citrix Releases Security Updates

Tuesday, 7th July 2020

Citrix has released security updates to address vulnerabilities in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP appliance. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We recommend users and administrators review Citrix Security Bulletin CTX276688,  as well as the Citrix blog post, Citrix provides context on Security Bulletin CTX276688, and apply the necessary updates as soon as possible.

Mozilla Releases Security Updates for Firefox and Firefox ESR

Thursday, 2nd July 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Mozilla Security Advisories for Firefox 78 and Firefox ESR 68.10 and apply the necessary updates.

Microsoft Releases Security Updates for Windows 10, Windows Server

Wednesday, 1st July 2020

Microsoft has released security updates to address vulnerabilities in Windows 10 and Windows Server.These vulnerabilities could allow a remote attacker to take control of an affected system.

We encourage users and administrators to review the Microsoft security advisories for CVE-2020-1425 and CVE-2020-1457 and apply the necessary updates.

Adobe Releases Security Updates for Magento

Thursday, 25th June 2020

Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. An attacker could exploit one of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review Adobe Security Bulletin APSB20-41 and apply the necessary updates.

VMware Releases Security Updates for Multiple Products

Wednesday, 24th June 2020

VMware has released security updates to address multiple vulnerabilities in VMware ESXi,Workstation, Fusion, and Cloud Foundation. An attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review VMware Security Advisory VMSA-2020-0015 and apply the necessary updates or workarounds.

Google Releases Security Updates for Chrome

Wednesday, 24th June 2020

Google has released Chrome version 83.0.4103.116 for Windows, Mac, and Linux. This version addresses a vulnerability that a remote attacker could exploit to cause a denial-of-service condition.

We encourage users and administrators to review the Chrome Release Note and apply the necessary updates.

Cisco Releases Multiple Security Updates

Thursday, 18th June 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

We encourage users and administrators to review the following Cisco advisories and apply the necessary updates:

        Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability cisco-sa-webex-token-zPvEjKN

        Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability cisco-sa-webex-client-url-fcmpdfVY

        Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability cisco-sa-webex-client-mac-X7vp65BL

        TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability cisco-sa-tp-cmd-inj-7ZpWhvZb

        Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities cisco-sa-rv-routers-stack-vUxHmnNz

        Small Business RV110W, RV130, RV130W, andRV215W Series Routers Management Interface Vulnerabilities cisco-sa-rv-routers-injection-tWC7krKQ

        Small Business RV Series Routers Command Injection Vulnerabilities cisco-sa-rv-routers-Rj5JRfF8

Drupal Releases Security Updates

Thursday, 18th June 2020

Drupal has released security updates to address vulnerabilities affecting Drupal 7, 8.8, 8.9, and 9.0. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. 

We encourage users and administrators to review Drupal Advisories SA-CORE-2020-004 and SA-CORE-2020-005 for more information and to apply the necessary updates.

Adobe Releases Security Updates for Multiple Products

Wednesday, 17th June 2020

Adobe has released security updates to addressvulnerabilities in multiple products. An attacker could exploit some of thesevulnerabilities to take control of an affected system.

We encourage users and administrators to review the followingAdobe Security Bulletins and apply the necessary updates.

        Campaign Classic APSB19-34

        After Effects APSB20-35

        Illustrator APSB20-37

        Premiere Pro APSB20-38

        Premiere Rush APSB20-39

        Audition APSB20-40