Thursday, July 28, 2016

Google Chrome Updated

Google have released version 52.0.2743.82 of their Chrome web browser. Among other changes the new version contains 48 security vulnerability fixes. More information about changes in Google Chrome Releases blog.

New PHP Versions Released

PHP development team has released 7.0.9, 5.6.24 and 5.5.38 versions of the PHP scripting language. New versions contain fixes to vulnerabilities among other fixes. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch. Version 5.5.38 is the last version to be released for 5.5 branch so it's recommended to move to 5.6 or 7.0 version branch.

Changelogs:
Version 7.0.9
Version 5.6.24
Version 5.5.38

Friday, July 22, 2016

Oracle Critical Patch Update For Q3 of 2016

Oracle have released updates for their products that fix 276 security issues (including 13 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in October 2016.

ITunes 12.4.2 Released

Apple have released version 12.4.2 of their iTunes media player. New version fixes a bunch of security vulnerabilities.

More information about the security content of iTunes 12.4.2 can be read from related security advisory.

Users of old versions should update to the latest one available.

Wednesday, July 13, 2016

Adobe Reader And Acrobat Security Updates

Adobe have released security updates to fix some vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerabilities could allow an attacker to take over the affected system.

Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 15.016.20045 and earlier

*Acrobat DC and Acrobat Reader DC, classic track
version 15.006.30174 and earlier

*of series XI (11.x)
Adobe Reader 11.0.16 and earlier
Adobe Acrobat 11.0.16 and earlier


Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro

More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Adobe Flash Player Update Available

Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 22.0.0.192 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 22.0.0.209

- Users of Adobe Flash Player 11.2.202.626 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.632

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 11 (on Windows 8.x and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update


More information can be read from Adobe's security bulletin.

Microsoft Security Updates For July 2016

Microsoft have released security updates for July 2016. This month update contains 11 security bulletins of which six categorized as critical and five as important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Monday, July 11, 2016

Symantec Intelligence Report: June 2016

Symantec have published their Intelligence report that sums up the latest threat trends for June 2016.

The report can be viewed here.

Monday, July 4, 2016

New PHP Versions Released

PHP development team has released 7.0.8, 5.6.23 and 5.5.37 versions of the PHP scripting language. New versions contain fixes to vulnerabilities among other fixes. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.

Changelogs:
Version 7.0.8
Version 5.6.23
Version 5.5.37

LibreOffice Vulnerability Fixed

There has been released a new version of LibreOffice that fixes a vulnerability in RTF file handling. By exploiting the vulnerability an attacker may be able to execute arbitrary code in the target system.

Affected versions:
LibreOffice versions older than 5.1.4 and 5.2.0

More information can be read here.

WordPress 4.5.3 Released

There has been released a new version of WordPress (blogging tool and content management system) which contains updates to security vulnerabilities. It's also recommended to check if there are any updates available for WordPress extensions in use. Also, it's recommended to disable those extensions that are not needed.

Affected versions:
WordPress versions earlier than 4.5.3

More information can be read from the WordPress blog.