VMware have released updated versions of their virtualization software patching security vulnerabilities.
Affected versions:
-VMware ESXi 7.0 without ESXi_7.0.0-1.20.16321839 update
-VMware ESXi 6.7 without ESXi670-202004101-SG update
-VMware ESXi 6.5 without ESXi650-202005401-SG update
-VMware Workstation Pro/Player versions earlier than 15.5.5
-VMware Cloud Foundation 4.x versions earlier than 4.0.1
-VMware Cloud Foundation 3.x versions earlier than 3.10.0.1 (release of 3.10.0.1 is pending at the moment of writing this)
More information in VMware advisory here.
Monday, June 29, 2020
New Google Chrome Patch Released
Google have released a version 83.0.4103.116 of their Chrome web browser. The new version contains two fixes to security vulnerabilities.
More information about changes can be viewed in Google Chrome Releases blog.
More information about changes can be viewed in Google Chrome Releases blog.
Thursday, June 18, 2020
VLC Player Updated
VideoLAN project has released a new version of their VLC media player. The new version contains a fix to a security vulnerability (CVE-2020-13428). By exploiting the vulnerability a remote user could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.
Affected are VLC Player versions prior 3.0.11. Owners of those versions should update to the latest version.
More information about the vulnerability here
Affected are VLC Player versions prior 3.0.11. Owners of those versions should update to the latest version.
More information about the vulnerability here
Adobe Audition Update
Adobe have released an update to patch critical vulnerabilities in their Adobe Audition application. The vulnerabilities (CVE-2020-9658, CVE-2020-9659) may lead to arbitrary code execution in the context of the current user in vulnerable system.
Affected versions:
Adobe Audition 13.0.6 and earlier versions for Windows
More information in the related security bulletin.
Affected versions:
Adobe Audition 13.0.6 and earlier versions for Windows
More information in the related security bulletin.
Adobe Premiere Rush Fixed
Adobe have released an update to patch critical vulnerabilities in Premiere Rush application. The vulnerabilities (CVE-2020-9656, CVE-2020-9657, CVE-2020-9655) may allow arbitrary code execution in the context of the current user in the vulnerable system.
Affected versions:
Adobe Premiere Rush earlier than 1.5.16 version for Windows
More information in the related security bulletin here.
Affected versions:
Adobe Premiere Rush earlier than 1.5.16 version for Windows
More information in the related security bulletin here.
Adobe Premiere Pro Fixed
Adobe have released an update to patch vulnerabilities in their Premiere Pro application. The vulnerabilities (CVE-2020-9653, CVE-2020-9654, CVE-2020-9652) may allow arbitrary code execution in vulnerable system.
Affected versions:
Adobe Premiere Pro earlier than 14.3 version for Windows
More information in the related security bulletin here.
Affected versions:
Adobe Premiere Pro earlier than 14.3 version for Windows
More information in the related security bulletin here.
Adobe Illustrator Vulnerabilities Fixed
Adobe have released an updated version of their Adobe Illustrator for Windows. The new version fixes critical vulnerabilities (CVE-2020-9642, CVE-2020-9575, CVE-2020-9641, CVE-2020-9640, CVE-2020-9639) that may allow arbitrary code execution in the context of the current user.
Affected versions
Illustrator 2020 24.1.2 and earlier versions
More information in the correspondent security bulletin.
Affected versions
Illustrator 2020 24.1.2 and earlier versions
More information in the correspondent security bulletin.
Adobe After Effects Updated
Adobe have released an update to patch critical vulnerabilities in their After Effects application for Windows. The vulnerabilities could allow arbitrary code execution in the context of the current user.
Affected versions:
Adobe After Effects earlier than 17.1.1 version
More information in security bulletin.
Affected versions:
Adobe After Effects earlier than 17.1.1 version
More information in security bulletin.
Vulnerability Fixed In Adobe Campaign Classic
Adobe have released a new version of their Adobe Campaign Classic. The new version fixes a security vulnerability (CVE-2020-9666) that may result in information disclosure.
Affected versions are Adobe Campaign Classic 20.1 and earlier versions on Windows and Linux. Users of affected versions should update their versions to the latest one (currently 20.2).
More information (including download instructions for new version) can be read from Adobe security bulletin.
Affected versions are Adobe Campaign Classic 20.1 and earlier versions on Windows and Linux. Users of affected versions should update their versions to the latest one (currently 20.2).
More information (including download instructions for new version) can be read from Adobe security bulletin.
Tuesday, June 16, 2020
Google Chrome Updated
Google have released a version 83.0.4103.106 of their Chrome web browser. Updated version contains fixes to four security vulnerabilities. More information about changes can be viewed in Google Chrome release blog.
WordPress 5.4.2 Released
There has been released a new version of WordPress (blogging tool and content management system). Version 5.4.2 fixes security bugs.
Affected versions:
WordPress versions earlier than 5.4.2
More information can be read from the WordPress blog.
Affected versions:
WordPress versions earlier than 5.4.2
More information can be read from the WordPress blog.
VMware Horizon Client For Windows Updated
VMware have released updated version (5.4.3) of Horizon Client for Windows patching one important (CVE-2020-3961) categorized privilege escalation vulnerability.
Affected versions:
-Horizon Client for Windows 5.x and earlier
More information in VMware advisory here.
Affected versions:
-Horizon Client for Windows 5.x and earlier
More information in VMware advisory here.
Wednesday, June 10, 2020
Adobe Flash Player Updated
Adobe have released updated versions of their Flash Player. The new versions contain fix to a critical vulnerability (CVE-2020-9633). By exploiting the vulnerability an attacker may be able to execute arbitrary code in the context of the current user.
Affected versions:
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for Windows should update to Adobe Flash Player 32.0.0.387
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for macOS should update to Adobe Flash Player 32.0.0.387
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for Linux should update to Adobe Flash Player 32.0.0.387
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for Windows should update to Adobe Flash Player 32.0.0.387
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for macOS should update to Adobe Flash Player 32.0.0.387
- Users of Adobe Flash Player 32.0.0.371 and earlier versions for Linux should update to Adobe Flash Player 32.0.0.387
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Adobe Framemaker Updated
Adobe has released an updated version of their Framemaker. New version contains fixes to critical security vulnerabilities. Successful exploitation of the vulnerabilities could lead to arbitrary code execution in the context of the current user.
Affected are versions 2019.0.5 and below for Windows.
More information from the Adobe's security advisory.
Affected are versions 2019.0.5 and below for Windows.
More information from the Adobe's security advisory.
Adobe Experience Manager Updated
Adobe has released updated versions of their Experience Manager. Updates fix important categorized vulnerabilities that could result in sensitive information disclosure.
Affected are 6.5 and earlier versions
More information from the Adobe's security advisory.
Affected are 6.5 and earlier versions
More information from the Adobe's security advisory.
Saturday, June 6, 2020
New Google Chrome Update Released
Google have released a version 83.0.4103.97 of their Chrome web browser. The new version contains five fixes to security vulnerabilities.
More information about changes can be viewed in Google Chrome Releases blog.
More information about changes can be viewed in Google Chrome Releases blog.
Mozilla Thunderbird Vulnerabilities Fixed
Mozilla have released an updated version of their Thunderbird email client containing fixes to security vulnerabilities.
Affected versions:
Mozilla Thunderbird versions earlier than 68.9.0
Fresh version can be obtained via inbuilt updater or by downloading from the product site.
Affected versions:
Mozilla Thunderbird versions earlier than 68.9.0
Fresh version can be obtained via inbuilt updater or by downloading from the product site.
Mozilla Firefox Updated
Mozilla have released updated versions of their Firefox web browser. New versions fix security vulnerabilities.
Affected versions:
-Mozilla Firefox earlier than 77 (advisory)
-Mozilla Firefox ESR 68.x earlier than 68.9 (advisory)
Fresh version can be obtained via inbuilt updater or by downloading (latest version) from the product site.
Affected versions:
-Mozilla Firefox earlier than 77 (advisory)
-Mozilla Firefox ESR 68.x earlier than 68.9 (advisory)
Fresh version can be obtained via inbuilt updater or by downloading (latest version) from the product site.
Monday, June 1, 2020
VMware Vulnerabilities Fixed
VMware have released updated versions of their virtualization software patching one important (CVE-2020-3957), one moderate (CVE-2020-3958) and one low (CVE-2020-3959) categorized vulnerabilities.
Affected versions:
-VMware Workstation Pro/Player for Windows versions earlier than 15.5.2
-VMware Fusion Pro / Fusion versions earlier than 11.5.5
-ESXi 6.7 versions without patch ESXi670-202004101-SG
-ESXi 6.5 versions without patch ESXi650-202005401-SG
-Horizon Client for Windows and Mac 5.x & earlier versions (patch pending, check back the advisory)
-VMRC (VMware Remote Console) for Mac 11.x & earlier versions (patch pending, check back the advisory)
More information in VMware advisory here.
Affected versions:
-VMware Workstation Pro/Player for Windows versions earlier than 15.5.2
-VMware Fusion Pro / Fusion versions earlier than 11.5.5
-ESXi 6.7 versions without patch ESXi670-202004101-SG
-ESXi 6.5 versions without patch ESXi650-202005401-SG
-Horizon Client for Windows and Mac 5.x & earlier versions (patch pending, check back the advisory)
-VMRC (VMware Remote Console) for Mac 11.x & earlier versions (patch pending, check back the advisory)
More information in VMware advisory here.
New iCloud Versions For Windows Released
Apple have released new versions of their iCloud client for Windows. New versions fix security vulnerabilities.
iCloud for Windows 11.2 is for Windows 10 and later and is available via Windows Store. iCloud for Windows 7.19 is available for Windows 7 and later.
More information about the security content of the new versions can be read from the correspondent security advisories:
-iCloud 11.2
-iCloud 7.19
iCloud for Windows 11.2 is for Windows 10 and later and is available via Windows Store. iCloud for Windows 7.19 is available for Windows 7 and later.
More information about the security content of the new versions can be read from the correspondent security advisories:
-iCloud 11.2
-iCloud 7.19
ITunes 12.10.7 For Windows Released
Apple have released version 12.10.7 of their iTunes media player. New version fixes security vulnerabilities.
More information about the security content of iTunes 12.10.7 can be read from related security advisory.
Users of old versions should update to the latest one available.
More information about the security content of iTunes 12.10.7 can be read from related security advisory.
Users of old versions should update to the latest one available.
Subscribe to:
Posts (Atom)
