22 matches found
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisory for Thunderbird 91.6.1 and make the necessary...
Google Releases Security Updates for Chrome
Google has updated the stable channel for Chrome to 89.0.4389.128 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome release and apply the necessary...
Microsoft Launches Phase 2 Mitigation for Netlogon Remote Code Execution Vulnerability (CVE-2020-1472)
Microsoft addressed a critical remote code execution vulnerability affecting the Netlogon protocol CVE-2020-1472 on August 11, 2020. Beginning with the February 9, 2021 Security Update release, Domain Controllers will be placed in enforcement mode. This will require all Windows and non-Windows...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-19 and apply the necessary updates. This...
Joomla Releases Security Update for CMS
Joomla has released version 3.4.7 of its content management system CMS software to address two vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla Release New...
oCERT Releases Advisory for Unpatched UnZip Vulnerability
The Open Source Computer Security Incident Response Team oCERT has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file. US-CER...
Apple Releases Security Updates for Safari
Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial of service or execute arbitrary code on an affected system. Updates include: Safari 8.0.1 for OS X Yosemite v10.10.1 Safari 7.1.1...
Google Releases Security Updates for Chrome
Google has released Chrome 37.0.2062.94 for Windows, Mac and Linux. This update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service. US-CERT encourages users and administrators to review the Google Chrome release blog a...
Microsoft Releases June 2014 Security Bulletin
Microsoft has released updates to address vulnerabilities in Windows, Office, Internet Explorer, Lync, and Lync Server as part of the Microsoft Security Bulletin Summary for June 2014. Some of these vulnerabilities could allow remote code executions. US-CERT encourages users and administrators to...
Apple Releases QuickTime 7.7.5
Apple has released QuickTime 7.7.5 for Windows operating systems to address multiple vulnerabilities, which may lead to an unexpected application termination or arbitrary code execution. US-CERT encourages users and administrators to review Apple Support Article HT6151 and apply any necessary...
Apple Releases OS X 10.8.4 and Security Update 2013-002
Apple has released OS X 10.8.4 and Security Update 2013-002 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security controls, or cause denial-of-service conditions. US-CERT encourages users and...
Apple Releases Security Update for Safari on OS X
Apple has released security updates for Safari 6.0.5 to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Safari 6.0.5 WebKit updates are available for the following versions: OS X Lion v10.7.5 O...
Adobe Releases Security Bulletin for Adobe Reader and Acrobat
Adobe has released a security bulletin to address multiple vulnerabilities in Adobe Reader X 10.1.2 and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X 10.1.2 and earlier versions for Windows and Macintosh. Exploitation of these...
Microsoft Releases Security Advisory for Vulnerability in TrueType Font Parsing
Microsoft has released Microsoft Security Advisory 2639658 to address a vulnerability in the Win32k TrueType font parsing engine. By convincing a user to open a malicious email attachment, an attacker may be able to exploit this vulnerability and execute arbitrary code. Microsoft has indicated th...
Apple Releases iTunes 10.5
Apple has released iTunes 10.5 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4981 and apply any necessary updates to help...
Google Releases Chrome 14.0.835.163
Google has released Chrome 14.0.835.163 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
Microsoft Releases July Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office as part of the Microsoft Security Bulletin Summary for July 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges. US-CERT encourages users...
Oracle Releases Critical Patch Update for Java SE and Java for Business
Oracle has released a Critical Patch Update for Java SE and Java for Business. This update addresses multiple vulnerabilities and contains 21 security fixes. US-CERT encourages users and administrators to review the Oracle Java SE and Java for Business Critical Patch Update Advisory for February...
Apple Releases QuickTime 7.6.9
Apple has released QuickTime 7.6.9 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users and administrators to review Apple article...
Apple Releases Safari 5.0.3 and 4.1.3
Apple has released Safari 5.0.3 and 4.1.3 to address multiple vulnerabilities in the Safari and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4455...