Monday, January 20, 2020

New Google Chrome Version Released

Google have released version 79.0.3945.130 of their Chrome web browser. The new version contains fixes for 11 security vulnerabilities.

More information about the changes can be found on the Google Chrome Releases blog.

Vulnerability In Internet Explorer

A vulnerability (CVE-2020-0674) has been found affecting Microsoft Internet Explorer browsers. The vulnerability is related to the way the scripting engine handles objects in memory in Internet Explorer. By exploiting the vulnerability, an attacker may execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker may be able to take control of an affected system. Microsoft is aware of some targeted attacks exploiting the vulnerability.

Affected:
Internet Explorer 9, 10 and 11

At the time of writing, there is no update available for the vulnerability. Microsoft has published a workaround while it is working on the update. More information here.

Friday, January 17, 2020

Symantec Intelligence Report: December 2019

Symantec have published their Intelligence report that sums up the latest threat trends for December 2019.

The report can be viewed here.

Oracle Critical Patch Update For Q1 of 2020

Oracle have released updates for their products that fix a total of 334 security issues (including 12 Java fixes). The updates are part of Oracle's quarterly Critical Patch Update (CPU).

A detailed list of vulnerabilities with patching instructions can be found in the Oracle CPU Advisory.

The next Oracle CPU is planned for release in April 2020.

Thursday, January 16, 2020

New Version Of Foxit Reader And Foxit PhantomPDF Available

Foxit Software has released version 9.7.1 of their Foxit Reader and Foxit PhantomPDF software. The new versions contain fixes for security vulnerabilities that, if exploited, may allow an attacker to execute arbitrary code on the target system.

Affected versions:
Foxit Reader 9.7.0.29478 and earlier (Windows)
Foxit PhantomPDF 9.7.0.29455 and earlier (Windows)

More information can be read here.

Adobe Illustrator CC Vulnerabilities Fixed

Adobe have released an updated version of their Adobe Illustrator CC for Windows. The new version fixes critical vulnerabilities that may allow arbitrary code execution in the context of the current user.

Affected versions
Illustrator CC 2019 24.0 and earlier versions

More information in the corresponding bulletin.

Adobe Experience Manager Updated

Adobe has released updated versions of their Adobe Experience Manager (AEM). The updates fix multiple vulnerabilities. Successful exploitation could result in sensitive information disclosure.

Affected are versions 6.0, 6.1, 6.2, 6.3, 6.4 and 6.5

More information in Adobe's security advisory.

Microsoft Security Updates For January 2020

Microsoft have released security updates for January 2020.

A summary of the updates (filter by entering 12/11/2019 in the From field and 01/16/2020 in the To field) is available here.

Mozilla Thunderbird Update Available

Mozilla have released an updated version of their Thunderbird email client containing fixes for security vulnerabilities.

Affected versions:
Mozilla Thunderbird versions earlier than 68.4.1

The latest version can be obtained via the built-in updater or by downloading it from the product site.

Friday, January 10, 2020

Firefox Vulnerability Patched

Mozilla have released fixes for their Firefox web browser. The new versions fix a security vulnerability. Mozilla says that it is aware of targeted attacks in the wild abusing this vulnerability.

Affected versions:
-Mozilla Firefox earlier than 72.0.1
-Mozilla Firefox ESR 68.x earlier than 68.4.1

The latest version can be obtained via the built-in updater or by downloading it from the product site.

New Google Chrome Version Released

Google have released version 79.0.3945.117 of their Chrome web browser. The new version contains three fixes for security vulnerabilities.

More information about the changes can be found on the Google Chrome Releases blog.

Wednesday, January 8, 2020

Vulnerability In OpenCV

A vulnerability has been found in OpenCV (Open Source Computer Vision), an open source computer vision and machine learning software library. By exploiting the vulnerability with a specially crafted XML file, it is possible to cause a buffer overflow resulting in multiple heap corruptions and potential code execution.

Affected versions
OpenCV 4.1.0

The latest version (currently 4.2.0) and other releases are available on the OpenCV releases site.

Mozilla Firefox Updated

Mozilla have released updated versions of their Firefox web browser. The new versions fix security vulnerabilities.

Affected versions:
-Mozilla Firefox earlier than 72 (advisory)
-Mozilla Firefox ESR 68.x earlier than 68.4 (advisory)

The latest version can be obtained via the built-in updater or by downloading it from the product site.