Sunday, January 31, 2021

Google Chrome Vulnerabilities Fixed

Google has released version 88.0.4324.104 for Windows and 88.0.4324.96 for macOS and Linux. In addition to other changes the new version contains fixes to 36 security vulnerabilities.

More information can be read from Google Chrome releases blog.

Oracle Critical Patch Update For Q1 of 2021

Oracle have released updates for their products that fix 329 security issues (including one Java fix) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in April 2021.

Saturday, January 16, 2021

Adobe Bridge Updated

Adobe have updated their Bridge to new version. This new version resolves two critical vulnerabilities (CVE-2021-21012, CVE-2021-21013) which may allow execution of arbitrary code.

Affected versions:
- Adobe Bridge 11.0 and earlier versions for Windows

Solution:
- Update to Adobe Bridge 11.0.1


More information can be read from Adobe's security bulletin.

Adobe Captivate Hotfix Available

Adobe have released a security hotfix for Adobe Captivate for Windows. The fix addresses a privilege escalation vulnerability (CVE-2021-21011).

Affected versions and solution
Users of Adobe Captivate 2019 11.5.1.499 and earlier should install the hotfix

More information can be read from Adobe's security bulletin.

Vulnerability Fixed In Adobe InCopy

Adobe have released a new version of their Adobe InCopy on Windows. The new version fixes a security vulnerability (CVE-2021-21010) that may allow arbitrary code execution in the context of the current user.

Affected versions and solutions
- Adobe InCopy 15.1.3 and earlier versions should update to version 16.0

More information can be read from Adobe security bulletin.

Vulnerability Fixed In Adobe Campaign Classic

Adobe have released a new version of their Adobe Campaign Classic on Windows and Linux. The new version fixes a security vulnerability (CVE-2021-21009) that may result in information disclosure.

Affected versions and solutions
- Gold Standard 10 (and earlier versions) should update to Gold Standard 11
- 20.3.1 (and earlier versions) should update to 20.3.3 - Build 9234
- 20.2.3 (and earlier versions) should update to 20.2.4 - Build 9187
- 20.1.3 (and earlier versions) should update to 20.1.4 - Build 9126
- 19.2.3 (and earlier versions) should update to 19.2.4 - Build 9082
- 19.1.7 (and earlier versions) should update to 19.1.8 - Build 9039

More information can be read from Adobe security bulletin.

Adobe Animate Updated

Adobe have released an updated version of their Adobe Animate CC. The new version fixes a vulnerability (CVE-2021-21008) that could allow arbitrary code execution in the context of the current user.

Affected versions
Animate 21.0 and earlier

Solution
Update to Adobe Animate version 21.0.2 or newer


More information in the correspondent bulletin.

Adobe Illustrator Vulnerabilities Fixed

Adobe have released an updated version of their Adobe Illustrator for Windows. The new version fixes a critical vulnerability (CVE-2021-21007) that may allow arbitrary code execution in the context of the current user.

Affected versions
Illustrator 2020 25.0 and earlier versions

Solution
Update to Illustrator 2020 25.1 (or newer) version

More information in the correspondent security bulletin.

New Version Of Adobe Photoshop Available

Adobe have released new versions of Adobe Photoshop for Windows and Macintosh. These updates resolve a critical security vulnerability (CVE-2021-21006) which could lead to arbitrary code execution in the context of the current user.

Affected versions:
Adobe Photoshop 2021 versions 22.x earlier than 22.1.1 (Windows)

Solution:
Update to Adobe Photoshop 2021 22.1.1 version

Instructions for updating are given in related security bulletin.

Mozilla Thunderbird Updated

Mozilla have released updated version of their Thunderbird email client containing a fix to a security vulnerability (CVE-2020-16044).

Affected versions:
- Mozilla Thunderbird earlier than 78.6.1 (advisory)

Fresh version can be obtained via inbuilt updater or by downloading from the product site.

Microsoft Security Updates For January 2021

Microsoft have released security updates for January 2021.

Release notes of the updates can be viewed here.

Monday, January 11, 2021

NVIDIA GPU Display Driver Updates

NVIDIA has released a security update for NVIDIA GPU Display Driver. The update contains fixes to multiple vulnerabilities that may lead to denial of service, escalation of privileges, data tampering or information disclosure.

More information can be read from the related security bulletin.

Mozilla Firefox Updated

Mozilla have released updated versions of their Firefox web browser. New versions fix a critical security vulnerability (CVE-2020-16044).

Affected versions:
-Mozilla Firefox earlier than 84.0.2
-Mozilla Firefox ESR 78.x earlier than 78.6.1
-Mozilla Firefox for Android earlier than 84.1.3

Fresh version can be obtained via inbuilt updater or by downloading (latest version) from the product site.

Thursday, January 7, 2021

Google Chrome updated

Google have released version 87.0.4280.141 for Windows, macOS and Linux. In addition to other changes the new version contains fixes to 16 security vulnerabilities.

More information can be read from Google Chrome releases blog.

Tuesday, January 5, 2021

Foxit PhantomPDF Security Update

Foxit Software has released version 9.7.5 of their Foxit PhantomPDF software. The new version contains fixes for security vulnerabilities that if exploited may allow an attacker to execute arbitrary code in target system.

Affected versions:
Foxit PhantomPDF 9.7.4.29600 and earlier (Windows)

More information can be read here.