Mozilla have released updated versions of Firefox browser to address security vulnerabilities.
Affected products are:
- Mozilla Firefox earlier than 66.0.1 (advisory)
- Mozilla Firefox earlier than ESR 60.6.1 (advisory)
Fresh version can be obtained via inbuilt updater or by downloading from the product site (the latest version):
Firefox
Saturday, March 23, 2019
VMware Workstation Updates Available
VMware has released security updates to two elevation of privilege vulnerabilities (CVE-2019-5511, CVE-2019-5512) in their virtualization applications.
Affected versions:
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.3 for Windows
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.6 for Windows
Further information including updating instructions can be read from VMware's security advisory.
Affected versions:
- VMware Workstation Pro / Player 15.x versions earlier than 15.0.3 for Windows
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.6 for Windows
Further information including updating instructions can be read from VMware's security advisory.
VMware Horizon Updates Available
VMware has released new versions of their Horizon for Windows. New versions fix a Connection Server information disclosure vulnerability (CVE-2019-5513).
Affected versions:
-VMware Horizon 6 earlier than version 6.2.8 + KB67401 update for Windows
-VMware Horizon 7 (Extended Service Branches, ESB) earlier than version 7.5.2 + KB67401 update for Windows
-VMware Horizon 7 (Current Releases, CR) earlier than version 7.8 + KB67424 update for Windows
More information (including links to patches) in security advisory.
Affected versions:
-VMware Horizon 6 earlier than version 6.2.8 + KB67401 update for Windows
-VMware Horizon 7 (Extended Service Branches, ESB) earlier than version 7.5.2 + KB67401 update for Windows
-VMware Horizon 7 (Current Releases, CR) earlier than version 7.8 + KB67424 update for Windows
More information (including links to patches) in security advisory.
Thursday, March 14, 2019
New WordPress Version Released
There has been released a new version of WordPress (blogging tool and content management system) which contains also patches to two security vulnerabilities. It's also recommended to check if there are any updates available for WordPress extensions in use. Also, it's recommended to disable those extensions that are not needed.
Affected versions:
WordPress versions earlier than 5.1.1
More information can be read from the WordPress blog.
Affected versions:
WordPress versions earlier than 5.1.1
More information can be read from the WordPress blog.
New Google Chrome Version Released
Google have released a version 73.0.3683.75 of their Chrome web browser. Among new features the new version contains fixes to 60 security vulnerabilities. More information about changes can be viewed in Google Chrome Releases blog.
Microsoft Security Updates For March 2019
Microsoft have released security updates for March 2019.
Summary of the updates (filter by inserting 02/13/2019 to the From field and 03/13/2019 to the To field) here.
Summary of the updates (filter by inserting 02/13/2019 to the From field and 03/13/2019 to the To field) here.
New Version of Adobe Digital Editions Available
Adobe have released a new version of their ebook reader software Adobe Digital Editions. Successful exploitation of the fixed vulnerability (CVE-2019-7095) could lead to arbitrary code execution in the context of the current user.
Affected versions are Adobe Digital Editions 4.5.10.185749 and earlier versions on Windows. Users of affected versions should update their versions to the latest one (currently 4.5.10.186048).
More information (including download instructions for new version) can be read from Adobe's security bulletin.
Affected versions are Adobe Digital Editions 4.5.10.185749 and earlier versions on Windows. Users of affected versions should update their versions to the latest one (currently 4.5.10.186048).
More information (including download instructions for new version) can be read from Adobe's security bulletin.
New Version Of Adobe Photoshop Available
Adobe have released new versions of Adobe Photoshop for Windows and Macintosh. These updates resolve a critical categorized vulnerability (CVE-2019-7094) that could could lead to arbitrary code execution in the context of the current user.
Affected versions:
Adobe Photoshop CC 19.1.7 and earlier versions (Windows and macOS)
Adobe Photoshop CC 20.0.2 and earlier versions (Windows and macOS)
Solution:
Update to Adobe Photoshop CC 19.1.8 or 20.0.4 version
Instructions for updating are given in related security bulletin.
Affected versions:
Adobe Photoshop CC 19.1.7 and earlier versions (Windows and macOS)
Adobe Photoshop CC 20.0.2 and earlier versions (Windows and macOS)
Solution:
Update to Adobe Photoshop CC 19.1.8 or 20.0.4 version
Instructions for updating are given in related security bulletin.
Monday, March 11, 2019
Latest PHP Versions Available
PHP development team has released 7.3.3, 7.2.16 and 7.1.27 versions of the PHP scripting language Among other minor bugs some security bugs have been fixed. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.
Changelogs:
Version 7.3.3
Version 7.2.16
Version 7.1.27
Changelogs:
Version 7.3.3
Version 7.2.16
Version 7.1.27
Symantec Intelligence Report: February 2019
Symantec have published their Intelligence report that sums up the latest threat trends for February 2019.
The report can be viewed here.
The report can be viewed here.
Sunday, March 3, 2019
Chrome Vulnerability Fixed
Google have released 72.0.3626.121 version of their Chrome web browser. The new version contains a fix to a security vulnerability (CVE-2019-5786). More information in Chrome release blog.
Microsoft Security Intelligence Report Volume 24 Available
Microsoft have released volume 24 of their Security Intelligence Report (SIR). This edition of the report is a reflection on last year’s security events and includes an overview of the security landscape, lessons learned from the field, and recommended best practices. The report can be accessed here.
Subscribe to:
Posts (Atom)
