Highlights and Updates

Cisco Releases Security Updates

Wednesday, 6th March 2019

Cisco has released multiple security updates to address vulnerabilities in various Cisco products. An attacker could exploit some of those vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Cisco Security Advisories and apply the necessary updates.

Adobe Releases Security Updates for ColdFusion

Friday, 1st March 2019

Adobe has released security updates to address a vulnerability in ColdFusion. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

We encourage users and administrators to review Adobe Security Bulletin APSB19-14 and apply the necessary updates or mitigation.

Cisco Releases Security Updates

Wednesday, 27th February 2019
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the following Cisco Advisories and apply the necessary updates:

Elevation of Privilege Vulnerability Found in Cisco WebEx Meetings

Wednesday, 27th February 2019

A vulnerability found in the update service of the Cisco Webex Meetings Desktop App for Windows could allow an unprivileged local attacker to elevate privileges and run arbitrary commands using the SYSTEM user privileges.

This vulnerability affects all Cisco Webex Meetings Desktop App releases between 33.6.4.15 and 33.8.2.7, with prior versions probably being affected by this security issue too, but they were not checked.

OpenSSL Releases Security Update

Tuesday, 26th February 2019

OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information.

We encourage users and administrators to review the OpenSSL Security Advisory and apply the necessary update.

ISC Releases Security Updates for BIND

Friday, 22nd February 2019

The Internet Systems Consortium (ISC) has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition.

We encourage users and administrators to review the ISC advisories for CVE-2018-5744CVE-2018-5745, and CVE-2019-6465, and apply the necessary updates.

Drupal Releases Security Updates

Thursday, 21st February 2019

Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system.

We encourage users and administrators to review Drupal’s security advisory and apply the necessary updates.

Adobe Releases Security Updates

Thursday, 21st February 2019

Adobe has released security updates to address a vulnerability in Adobe Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information.

We encourage users and administrators to review Adobe Security Bulletin APSB19-13 and apply the necessary updates.

Cisco Releases Security Updates

Wednesday, 20th February 2019

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

We encourage users and administrators to review the Cisco Security Advisory and apply the necessary updates.

VMware Releases Security Updates

Friday, 15th February 2019

VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.  

We encourage users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates.