Not posting a single link here. There are a lot of vulnerabilities fixed including 4 Zero-Day vulnerabilities found in Exchange. Advise immediately start patching procedures.
About: John
Posts by John:
Adobe fixes critical vulnerabilities in Photoshop and Digital Editions
LINK Just as the title suggests, some new updates in Photoshop and Digital Editions
Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices
LINK If you use QNAP, period, make sure its updated.
DNS Vulnerabilities (codenamed WRECK) found in numerous various TCP/IP stacks affecting hundreds of millions of IoT devices
LINK LINK 9 vulnerabilities were disclosed affecting numerous implementation of DNS in TCP\IP stacks. Many items in Industrial Control are used as well so take the time to examine this vulnerability against your devices.
RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
LINK At Pwn2Own an RCE was found in Chrome/Opera/Brave. Updates should be available shortly if not already out.
Cisco released a plethora of Updates – read if you have Cisco
LINK Cisco yesterday release the SD-Wan updates but also, a MASS of other updates for other products came out. Take a moment to examine the link for products you use.
Domain Time II Vulnerability can lead to Server/Network Compromise
LINK The product by Greyware Automation Products called Domain Time II (an time sync solution) has been found to have a vulnerability allowing it to have admin privs on the servers its installed on (particularly bad if its on a Domain Controller.
Supply Chain Attack on Gigaset (Android handset maker) via poisoned update
LINK New information is coming out that the handset make Gigaset was affected by some sort of problem with an infected malware that looks to have come from a poisoned update – read the link for more details.
Cisco fixes RCE affecting Root Privs in SD-WAN vManage Software
LINK Cisco just released for its SD-WAN vManage Software a patch to fix a vulnerability that was found that allowed a Remote Command to be executed giving Root privilege’s. Time to take a look.
Critical VMware Carbon Black Cloud Workload appliance found
LINK If you use VMware’s Carbon Black Cloud Workload appliance, dig in now.