Friday, September 29, 2017

Updates For Mozilla Firefox

Mozilla have released updates to Firefox browser to address a bunch of security vulnerabilities.

Affected products are:
- Mozilla Firefox earlier than ESR 52.4 (advisory)
- Mozilla Firefox earlier than 56 (advisory)


Fresh version can be obtained via inbuilt updater or by downloading from the product site:
Firefox

New Version Of iCloud For Windows Released

Apple have released version 7.0 of their iCloud client for Windows. New version fixes a bunch of security vulnerabilities.

More information about the security content of iCloud for Windows 7.0 can be read from related security advisory.

Users of old versions should update to the latest one available here.

Friday, September 22, 2017

Google Chrome Updated

Google have released a version 61.0.3163.100 of their Chrome web browser. New version contains three security fixes. More information about changes in Google Chrome Releases blog.

WordPress 4.8.2 Released

There has been released a new version of WordPress (blogging tool and content management system) which contains updates to security vulnerabilities. It's also recommended to check if there are any updates available for WordPress extensions in use. Also, it's recommended to disable those extensions that are not needed.

Affected versions:
WordPress versions earlier than 4.8.2

More information can be read from the WordPress blog.

VMware Updates Available

VMware has released security updates to patch multiple vulnerabilities in their virtualization applications.

Affected versions:
- VMware ESXi 6.5 without ESXi650-201707101-SG patch
- VMware ESXi 6.0 without ESXi600-201706101-SG patch
- VMware ESXi 5.5 without ESXi550-201709101-SG patch
- VMware vCenter Server 6.5 earlier than 6.5 U1
- VMware Workstation Pro versions earlier than 12.5.7
- VMware Workstation Player versions earlier than 12.5.7
- VMware Fusion Pro / Fusion versions earlier than 8.5.8

Further information including updating instructions can be read from VMware's security advisory.

Tuesday, September 19, 2017

Google Chrome Updated

Google have released a version 61.0.3163.91 of their Chrome web browser. More information about changes in Google Chrome Releases blog.

Saturday, September 16, 2017

Adobe ColdFusion Fix Available

Adobe have released updated versions of ColdFusion web application development platform. These fixes address a critical XML parsing vulnerability (CVE-2017-11286), an important cross-site scripting vulnerability (CVE-2017-11285) that could lead to information disclosure and a mitigation for unsafe Java deserialization that could result in remote code execution (CVE-2017-11283, CVE-2017-11284).

Affected versions:
- ColdFusion (2016 release): update 4 and earlier versions
- ColdFusion 11: update 12 and earlier versions

More information can be read from Adobe's security bulletin.

Adobe Flash Player Update Available

Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 26.0.0.151 and earlier versions for Windows should update to Adobe Flash Player 27.0.0.130

- Users of Adobe Flash Player 26.0.0.151 and earlier versions for Macintosh should update to Adobe Flash Player 27.0.0.130

- Users of Adobe Flash Player 26.0.0.151 and earlier versions for Linux should update to Adobe Flash Player 27.0.0.130

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update


More information can be read from Adobe's security bulletin.

Friday, September 15, 2017

RoboHelp Update Available

Adobe has released an updated version of their RoboHelp for Windows. The new version fixes two security vulnerabilities.

Affected versions:
-RH2017.0.2
+RH12.0.4.460 (hotfix)

More information can be read here.

Microsoft Security Updates For September 2017

Microsoft have released security updates for September 2017.

Summary of the updates (filter by inserting 08/09/2017 to the From field and 09/15/2017 to the To field) here.

Wednesday, September 13, 2017

Foxit PhantomPDF Update Available

Foxit Software has released version 7.3.17 of their Foxit PhantomPDF software. The new version contains fixes for security vulnerabilities that if exploited may allow an attacker to execute arbitrary code in target system.

Affected versions:
Foxit PhantomPDF 7.3.15.712 and earlier (Windows)

More information can be read here.

Thursday, September 7, 2017

Google Chrome Updated

Google have released a version 61.0.3163.79 of their Chrome web browser. New version contains 22 security fixes. More information about changes in Google Chrome Releases blog.

Symantec Intelligence Report: August 2017

Symantec have published their Intelligence report that sums up the latest threat trends for August 2017.

The report can be viewed here.

New PHP Versions Released

PHP development team has released 7.1.9 and 7.0.23 versions of the PHP scripting language. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.

Changelogs:
Version 7.1.9
Version 7.0.23