Adobe have released updated versions of their Flash Player. The new versions fix a security vulnerability (CVE-2018-15981) that could allow remote execution of arbitrary code in the context of the current user.
Affected versions:
- Users of Adobe Flash Player 31.0.0.148 and earlier versions for Windows should update to Adobe Flash Player 31.0.0.153
- Users of Adobe Flash Player 31.0.0.148 and earlier versions for Macintosh should update to Adobe Flash Player 31.0.0.153
- Users of Adobe Flash Player 31.0.0.148 and earlier versions for Linux should update to Adobe Flash Player 31.0.0.153
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Sunday, November 25, 2018
Friday, November 23, 2018
New Version Of Foxit 3D Plugin Available
Foxit Software has released new version of their 3D Plugin for Foxit Reader and Foxit PhantomPDF software. The new version contain fixes for security vulnerabilities.
Affected versions:
3D Plugin 9.3.0.10809 and earlier for Foxit Reader and Foxit PhantomPDF (Windows)
More information can be read here.
Affected versions:
3D Plugin 9.3.0.10809 and earlier for Foxit Reader and Foxit PhantomPDF (Windows)
More information can be read here.
Google Chrome Updated
Google have released a version 70.0.3538.110 of their Chrome web browser. New version contains fix to one security vulnerability (CVE-2018-17479). More information about changes in Google Chrome Releases blog.
VMware Workstation And Fusion Updates Available
VMware has released security updates to a integer overflow vulnerability (CVE-2018-6983) in their virtualization applications. The vulnerability may allow a guest to execute arbitrary code on the host.
Affected versions:
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.2
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.5
- VMware Fusion Pro / Fusion 11.x versions earlier than 11.0.2
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.5
Further information including updating instructions can be read from VMware's security advisory.
Affected versions:
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.2
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.5
- VMware Fusion Pro / Fusion 11.x versions earlier than 11.0.2
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.5
Further information including updating instructions can be read from VMware's security advisory.
VMware vSphere Data Protection Updated
WMware has released new version of vSphere Data Protection (VDP). The new version fixes multiple vulnerabilities (CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077) of which one critical, two important and one moderate categorized.
Affected versions:
VDP 6.1.x versions earlier than 6.1.10
VDP 6.0.x versions earlier than 6.0.9
More details in VMware security advisory
Affected versions:
VDP 6.1.x versions earlier than 6.1.10
VDP 6.0.x versions earlier than 6.0.9
More details in VMware security advisory
Saturday, November 17, 2018
Vulnerability In Adobe Photoshop
Adobe have released new versions of Adobe Photoshop for Windows and Macintosh. These updates resolve an important categorized vulnerability (CVE-2018-15980) that could lead to an information disclosure.
Affected versions:
Adobe Photoshop CC 19.1.6 and earlier versions (Windows and macOS)
Solution:
Update to Adobe Photoshop CC 19.1.7 or 20.0 version
Instructions for updating are given in related security bulletin.
Affected versions:
Adobe Photoshop CC 19.1.6 and earlier versions (Windows and macOS)
Solution:
Update to Adobe Photoshop CC 19.1.7 or 20.0 version
Instructions for updating are given in related security bulletin.
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix a vulnerability in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerability (CVE-2018-15979) could lead to an inadvertent leak of the user’s hashed NTLM password.
Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 2019.008.20080 and earlier
*Acrobat 2017 and Acrobat Reader 2017
version 2017.011.30105 and earlier
*Acrobat DC and Acrobat Reader DC, classic track
version 2015.006.30456 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Adobe Acrobat
More information about fixed vulnerability can be read from Adobe's security bulletin.
Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 2019.008.20080 and earlier
*Acrobat 2017 and Acrobat Reader 2017
version 2017.011.30105 and earlier
*Acrobat DC and Acrobat Reader DC, classic track
version 2015.006.30456 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Adobe Acrobat
More information about fixed vulnerability can be read from Adobe's security bulletin.
Adobe Flash Player Updated
Adobe have released updated versions of their Flash Player. The new versions fix a security vulnerability (CVE-2018-15978) that could lead to information disclosure.
Affected versions:
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Windows should update to Adobe Flash Player 31.0.0.148
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Macintosh should update to Adobe Flash Player 31.0.0.148
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Linux should update to Adobe Flash Player 31.0.0.148
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Windows should update to Adobe Flash Player 31.0.0.148
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Macintosh should update to Adobe Flash Player 31.0.0.148
- Users of Adobe Flash Player 31.0.0.122 and earlier versions for Linux should update to Adobe Flash Player 31.0.0.148
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For November 2018
Microsoft have released security updates for November 2018.
Summary of the updates (filter by inserting 10/10/2018 to the From field and 11/13/2018 to the To field) here.
Summary of the updates (filter by inserting 10/10/2018 to the From field and 11/13/2018 to the To field) here.
Monday, November 12, 2018
Google Chrome Updated
Google have released a version 70.0.3538.102 of their Chrome web browser. New version contains fixes to three security vulnerabilities. More information about changes in Google Chrome Releases blog.
Symantec Intelligence Report: October 2018
Symantec have published their Intelligence report that sums up the latest threat trends for October 2018.
The report can be viewed here.
The report can be viewed here.
VMware Updates Available
VMware has released security updates to two uninitialized stack memory usage vulnerabilities (CVE-2018-6981, CVE-2018-6982) in their virtualization applications. One of the vulnerabilities (CVE-2018-6981) may allow a guest to execute arbitrary code on the host.
Affected versions:
- VMware ESXi 6.7 without ESXi670-201811401-BG patch
- VMware ESXi 6.5 without ESXi650-201811301-BG patch
- VMware ESXi 6.0 without ESXi600-201811401-BG patch
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.1
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.4
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.4
Further information including updating instructions can be read from VMware's security advisory.
Affected versions:
- VMware ESXi 6.7 without ESXi670-201811401-BG patch
- VMware ESXi 6.5 without ESXi650-201811301-BG patch
- VMware ESXi 6.0 without ESXi600-201811401-BG patch
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.1
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.4
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.4
Further information including updating instructions can be read from VMware's security advisory.
Friday, November 2, 2018
Foxit PhantomPDF For Windows Update Available
Foxit Software has released version 8.3.8 of their Foxit PhantomPDF software. The new version contains fixes for security vulnerabilities of which some if exploited may allow an attacker to execute arbitrary code in target system.
Affected versions:
Foxit PhantomPDF 8.3.7.38093 and earlier (Windows)
More information can be read here.
Affected versions:
Foxit PhantomPDF 8.3.7.38093 and earlier (Windows)
More information can be read here.
Mozilla Thunderbird Update Available
Mozilla have released an updated version of their Thunderbird email client containing fixes to security vulnerabilities. Some of the fixed vulnerabilities are categorized as critical.
Affected versions:
Mozilla Thunderbird versions earlier than 60.3
Fresh version can be obtained via inbuilt updater or by downloading from the product site.
Affected versions:
Mozilla Thunderbird versions earlier than 60.3
Fresh version can be obtained via inbuilt updater or by downloading from the product site.
New Version Of iCloud For Windows Released
Apple have released version 7.8 of their iCloud client for Windows. New version fixes security vulnerabilities.
More information about the security content of iCloud for Windows 7.8 can be read from related security advisory.
Users of old versions should update to the latest one available here.
More information about the security content of iCloud for Windows 7.8 can be read from related security advisory.
Users of old versions should update to the latest one available here.
ITunes 12.9.1 Released
Apple have released version 12.9.1 of their iTunes media player. New version fixes security vulnerabilities.
More information about the security content of iTunes 12.9.1 can be read from related security advisory.
Users of old versions should update to the latest one available.
More information about the security content of iTunes 12.9.1 can be read from related security advisory.
Users of old versions should update to the latest one available.
Subscribe to:
Posts (Atom)
