Patchception: June Third-Party Patch Update

Third-Party-Software of 3rd Party Software

We tend to take the security of major websites and software, such as Facebook, Twitter, Instagram and their respective apps, for granted.

However, there are numerous ways that people with malicious intent could gain access to accounts on those sites. Recently, Twitter faced a security breach through one popular method: exploiting connected third-party software. A small number of accounts on Twitter were hacked and began posting pro-Nazi messages and symbols. These included the accounts of Amnesty International, Forbes and a few other prominent groups. Twitter’s servers had not been hacked; the hack was traced to another piece of software, Twitter Counter.

This sort of breach is a reminder to be careful of what software you trust.

VLC caught up in Wikileaks’ ‘Vault 7’

Wikileaks released a series of documents regarding the CIA and its set of malware tools. One of these revelations concerns VLC media player. The tool described collects information from the computer or network and hides itself inside VLC.

However, VideoLAN Organization has released a statement regarding this. They say “the leaked document does not describe a vulnerability that is remotely exploitable, nor is present in a normal VLC installation.” As long as you have kept VLC up to date and downloaded it from the official site, you are safe.

Third-Party Updates

Every month we see a bevy of new third-party updates, and we are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

 

 

| Product | Category | Patch |
|---|---|---|
| Chrome | Web Browser | Chrome_v58.0.3029.140 |
| Skype | Online calls | Skype_v7.36 |
| Adobe (Flash Player, Adobe Experience Manager Forms) | | APSB17-15, APSB17-16 |
| Thunderbird | Email Client | Thunderbird_v52.1.1 |
| Glary Utilities | PC cleanup | Glary_v5.76 |
| AIMP | Audio Player | AIMP_v4.13.1895 |
| iTunes | Media Player | iTunes_12.6.1 |
| CDBurnerXP | CD/DVD Burner | CDBurnerXP_4.5.7.6623 |
| Trillian | Instant Messenger | Trillian_6.0 Build 1 |
| Notepad++ | Code Editor | Notepad++_7.4.1 |
| GOM Player | Media Player | GOMplayer_2.3.16.5272 |
| Malwarebytes | Security Software | Malwarebytes_3.1 |
| RealVNC | Remote Access | RealVNC_6.1.1 |
| VLC | Media Player | VLC_2.2.5 |

 

 

Patch Details
Chrome_58.0.3029.140 Includes bug fixes, security updates, and feature enhancements.

However, the following devices are NOT live with this update.
Acer Chromebook 11 (C730 / C730E / C735)

AOpen Chromebox Commercial

Dell Chromebook 11 (3120)

Enguarde based 11″ Chromebooks

HP Chromebook 11 2100-2299 / HP Chromebook 11 G4/G4 EE / HP Chromebook 11 G3

HP Chromebook 14 ak000-099 / HP Chromebook 14 G4

Lenovo ThinkPad 11e Chromebook

Skype_7.35 Quality improvements and general fixes.
Adobe

APSB17-15 These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2017-3071). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074).

APSB17-16 These updates resolve an information disclosure vulnerability (CVE-2017-3067) resulting from abuse of the pre-population service in AEM Forms. This issue was resolved by providing administrators with additional controls in the configuration manager to restrict the file paths and protocols used to pre-fill a form.

Thunderbird_52.1.1 Fixed: Large attachments may not be shown or saved correctly if the message is stored in an IMAP folder which is not synchronized for offline use.

Unable to load full message via POP if message was downloaded partially (or only headers) before.

Some attachments can’t be opened or saved if the message body is empty.

Crash when compacting IMAP folder.

Glary_v5.76 Bug Fixes and Feature Enhancements
AIMP_v4.13.1895 Fixed: Player – an issue with opening files from AIMP’s context menu that integrated to Windows Explorer

Fixed: plugins – API – adding files to playlist with the AIMP_PLAYLIST_ADD_FLAGS_FILEINFO flag produces internal exception in some cases

Small bugs were fixed

iTunes_12.6.1 Minor app and performance improvements.
CDBurnerXP_4.5.7.6623 DPI improvements for copy disc dialog

DPI improvements for ISO image dialog

DPI improvements for video DVD dialog

Fixed potential crash when refreshing media info

Trillian_6.0 Build 1 Bug Fixes and Feature Enhancements
Notepad++_7.4.1 Fix Notepad++ hanging issue on startup due to its connection on Internet – disable the certification chain verification.

Fix the opened zero length file not saving bug.

Improve Document Peeker performance issue for large files.

GOMplayer_2.3.16.5272

• Added video codec format support

– FMVC (FM Screen Capture Codec), Clear Video, Avid MJPEG, TSCC2 Codec added

• Added audio codec format support

– QDMC (QDesign Music Codec), DSD (Direct Sound Digital), shorten audio Codec added

• Now supporting left/right 360 degree video

• Enhanced video playback for VR (360 degree) videos

– Fixed 3 channel audio error

– Fixed playback speed error

– Fixed Intel H/W regarding H.264 videos

– Audio Channel bug fixes

– TS format bug fixes

– Audio capture saving bug fix

– Screen color bug fixes

– Additional minor bug fixes

Malwarebytes_3.1 Fixed several crashes in the Web Protection module

Fixed issue where Ransomware Protection would be stuck in ‘Starting’ state after a reboot

Fixed a conflict with Norton that caused web pages not to load and plug-ins to crash in Chrome

Fixed issue with WMI protection technique in Exploit Protection that could cause Office applications to crash

Fixed several crashes related to the service and tray

Fixed security vulnerabilities that could be chained together to perform local privilege escalation

Fixed many other miscellaneous defects and user interface improvements

RealVNC_6.1.1 FIXED: Active Directory user accounts with no expiry date can now be used to authenticate to VNC Server using single sign-on (SSO)

FIXED: VNC Server’s Information Center dialog no longer shows an erroneous error message when the legacy SecurityTypes parameter is set to a value other than <auto> (this may affect users upgrading from VNC 5.x).

FIXED: VNC Server in Virtual Mode (Xvnc) no longer crashes due to a bug in the X11 render extension.

VLC_2.2.5 VLC 2.2.5 “Weatherwax” is the fifth update to VLC’s 2.2 release series.

Fix green line rendering on Windows with AMD drivers

Fix mp3 playback regression on macOS and 64bit Windows leading to distortion for some media

Fix screenshots size

Improved lua scripts for various websites

Various security improvements in demuxers and decoders

Security hardening for DLL hijacking environments

Fix scrolling sensitivity on Sierra

Fix screen recording on Windows
