Skip to main content
Tag

3rd party patch 2018

|||

Third-Party Patch Update: September 2018

By News, Patch ManagementNo Comments
[vc_single_image image=”25091″ img_size=”full” css=”.vc_custom_1537914385701{padding-bottom: 20px !important;}”]

Virobot Will Return

Cybersecurity firm Trend Micro has identified a new malware, Virobot. While it doesn’t appear to be connected to a previous strain of ransomware, it uses familiar techniques.

However, Virobot is ransomware, keylogger, and botnet all in one.

The ransomware infects the device and locks it down. While waiting for the ransom payment, it can then log key strokes, pull down additional ransomware to install, and use the device as a bot to spread itself.

As of the writing of this article, the Virobot C&C server was down. Thanks to previous examples, we can infer that this was likely only a test. Cyber actors will test out their capabilities in such a way to prepare for a larger attack later.

Will you be prepared for when that happens?

Ready for Anything

Use Syxsense to survey your environment and rapidly deploy any needed updates. On the home page, you can quickly see which devices require critical updates.

By clicking on the gadget, you’ll jump right into a patch deployment process, pre-populated to deploy all critical updates to all devices that need them. You can easily modify this task to be more specific or start the task as-is to deploy the critical patches.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party updates:

[vc_single_image image=”25095″ img_size=”large” alignment=”center”]
Vendor Category Patch Version and Release Notes:
Adobe Media Software  

Flash and Air: v31 – https://helpx.adobe.com/flash-player/release-note/fp_31_air_31_release_notes.html

 

Apple Media Software  

iTunes: v12.9.0.167 – https://en.wikipedia.org/wiki/History_of_iTunes#iTunes_12

 

Evernote  

Evernote: v6.15.3.7881 – https://evernote.com/security/updates

 

FileZilla FTP Solution  

FileZilla: v3.37.0 – https://filezilla-project.org/versions.php

 

Google Browser  

Chrome: v69.0.3497.100 – https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-chrome-os.html

 

KeePass Password Manager  

KeePass: v2.40 – https://keepass.info/news/n180910_2.40.html

 

Mozilla Browser and Email Application  

Firefox: v62.0.2 – https://www.mozilla.org/en-US/firefox/62.0.2/releasenotes/

 

RealVNC Remote Access Software  

RealVNC Viewer: v6.18.907 – https://www.realvnc.com/en/connect/docs/desktop-release-notes.html

 

VSRevo Group  

Revo Uninstaller Pro: v4.0 – https://www.revouninstaller.com/revo_uninstaller_pro_full_version_history.html

 

|||||||

Third-Party Patch Update: August 2018

By News, Patch ManagementNo Comments
[vc_single_image image=”24905″ img_size=”full”]

Chrome Vulnerability Endangers Your Private Data

A vulnerability has been found within Chrome that would allow actors to access information stored by other web platforms, such as major data hoarders Facebook and Google.

CVE-2018-6177 was uncovered by Ron Masas, a security researcher from Imperva, and reported to Google. “With several scripts running at once — each testing a different and unique restriction — the bad actor can relatively quickly mine a good amount of private data about the user,” Masas said.

With their latest release, v68.0.3440.106, Google says the issue has been fixed. At the time of writing this article, there are no known active exploits of this vulnerability.

We recommend you update to the latest version of Chrome immediately.

Use Syxsense to inventory your environment and rapidly deploy any needed updates. On the home screen, you can quickly see which devices require critical updates.

By clicking on the graph, you’ll jump right into a patch deployment process, prepopulated to deploy critical updates to all devices that need them. You can easily modify this task to be more specific or start the task as-is to deploy the critical patches.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party updates:

[vc_single_image image=”24900″ img_size=”large”]
Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

Acrobat DC: v18.011.20058 – https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/continuous/dccontinuousaug2018.html#dccontinuousaugusttwentyeighteen

 

Acrobat DC: v17.011.30099 – https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/classic/dcclassic17.011aug2018.html#dc17-011augusttwentyeighteen

 

Acrobat DC: v15.006.30448 – https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/classic/dcclassic15.006aug2018.html#dc15-006augusttwentyeighteen

 

Flash Player Plugin and ActiveX: v30.0.0.154 – https://helpx.adobe.com/flash-player/release-note/fp_30_air_30_release_notes.html#fixed_issues

 

N/A
Apple Media Software  

iTunes: v12.8.0.150 – https://support.apple.com/kb/dl1814?locale=en_US

 

 

N/A

Don Ho  

Notepad++: v7.5.8 – https://notepad-plus-plus.org/news/notepad-7.5.8-released.html

 

Evernote  

Evernote: v6.14.5.7671 – https://evernote.com/security/updates

 

FileZilla FTP Solution  

FileZilla: v3.35.2 – https://filezilla-project.org/versions.php

 

N/A
GNOME Foundation Image Processing and Editing  

GIMP: v2.10.6 – https://www.gimp.org/release-notes/gimp-2.10.html

 

Google Browser  

Chrome: v68.0.3440.106 – https://chromereleases.googleblog.com/2018/08/stable-channel-update-for-desktop.html

 

N/A
KeePass Password Manager  

KeePass: v2.39.1 – https://keepass.info/news/n180506_2.39.html

 

Mozilla Browser and Email Application  

Firefox: v61.0.2 – https://www.mozilla.org/en-US/firefox/61.0.2/releasenotes/

 

Thunderbird: v60.0 – https://www.thunderbird.net/en-US/thunderbird/60.0/releasenotes/

 

|||

Third-Party Patch Update: June 2018

By NewsNo Comments
[vc_single_image image=”24615″ img_size=”full”]

Third Party Software Updates: June 2018

Roku TV & Sonos IoT devices, which are widely used in businesses that handle sensitive consumer data, such as credit card number and health records, are vulnerable to DNS hacking. These two IoT devices are frequently installed within fast casual dining, medical and dentist businesses.

These devices can be exploited thanks to two common IoT issues; IoT devices do not require authentication for connections received on a local network and because HTTP is more prevalent to control embedded devices.

These vulnerabilities could enable anyone to “virtually map” your network, which has much wider consequences such as DoS (Denial of Service) to your most critical infrastructure, disrupting your end user experience or potentially planning much more sophisticated cyber warfare.

Just imagine what could happen if a hacker could learn the OS host name & IP information for all your servers.

Both Roku and Sonos are actively working to resolve these issues, but updates will be necessary to secure your devices.

Start a trial with Syxsense and see if these devices are in your network.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party updates from June 2018: 

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

AIR: v30.0.0.107 – https://helpx.adobe.com/flash-player/release-note/fp_30_air_30_release_notes.html

 

Flash Player: v30.0.0.113 – https://helpx.adobe.com/security/products/flash-player/apsb18-19.html

 

N/A
Citrix  

Citrix Receiver: v4.12 – https://docs.citrix.com/en-us/receiver/windows/current-release.html

 

Evernote  

Evernote: v6.13.13.7425 –

 

FileZilla FTP Solution  

FileZilla: v3.34 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: v67.0.3396.99 – https://chromereleases.googleblog.com/2018/06/stable-channel-update-for-chrome-os_26.html

 

N/A
 

Malwarebytes

Antivirus  

Malwarebytes: v3.5.1.2522 – https://www.malwarebytes.com/support/releasehistory/

 

Mozilla Browser and Email Application  

Firefox: v60.0.2 – https://www.mozilla.org/en-US/firefox/60.0.2/releasenotes/

 

Peter Pawlowski Audio Player  

Foobar2000: v1.4 – https://www.foobar2000.org/changelog

 

Uvnc bvba Remote Access Tool  

UltraVNC: v1.2.2.1

 

WinSCP SFTP, SCP, and FTP client  

WinSCP: v5.13.3 – https://winscp.net/eng/docs/history

 

|||||

Third-Party Patch Update: April 2018

By NewsNo Comments
[vc_single_image image=”24099″ img_size=”full”]

Cisco Patches Vulnerability in WebEx

Cisco has just released a CVSS 9 rated update for its WebEx software. In their own words, the unpatched vulnerability “could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.”

The malicious party would share a Flash file via WebEx’s sharing capabilities to gain control of targeted devices.

So what is the best option here? We recommend rolling out the update or removing WebEx. Syxsense can facilitate whichever approach is best for your situation.

Our patch management solution can easily identify which devices are running the WebEx software. From there, setting up a task to deploy the updates is incredibly straight forward.

If you decide to remove WebEx, it’s almost exactly the same process, but at the last step, you select “Uninstall” instead of ‘Install.”

Use an IT management solution that works with you, not against you. Syxsense offers a simple, but powerful approach to patching. Automatically keeps desktops, laptops and remote users up-to-date with patches and software updates.

Start a free trial of Syxsense today.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party updates from April 2018:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

ActiveX: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

Flash Player Plugin NPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

Flash Player Plugin PPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html

 

N/A
 

 

Evernote Corporation  

Evernote: v6.11.2.7027 – https://evernote.com/download

 

N/A
FileZilla FTP Solution v3.32 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: v66.0.3359.117 – https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html

 

N/A
 

Malwarebytes

 

Antivirus  

Malwarebytes: v3.4.5.2467 – https://www.malwarebytes.com/support/releasehistory/

 

Oracle  

JavaJRE and JDK: v8u172 – http://www.oracle.com/technetwork/java/javase/8u172-relnotes-4308893.html

 

Wireshark Network Protocol Analyzer  

2.4.6 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html

 

N/A
|||

Third-Party Patch Update: March 2018

By NewsNo Comments
[vc_single_image image=”23913″ img_size=”full”]

Will the IoT bankrupt your business?

Research on the Internet of Things is not painting a pretty picture. According to research firm Gartner, approximately 20% of organizations have experienced at least one IoT attack in the past three years. There’s also a report from BullGuard showing that 37% of those surveyed had no idea how to protect IoT devices.

The biggest conclusion from this research: businesses are going to spend a lot trying to prevent IoT-based attacks. Gartner’s forecast conservatively estimates that IoT security spending will reach $1.5 billion this year, but will explode to $3.1 billion by 2021.

Compliance is expected to be the primary cost-increasing factor.

It’s believed more regulations will be created, causing more work for IT managers. With the proliferation of IoT devices, reporting for compliance may become nearly impossible.

However, Syxsense has an answer. Our Device Discovery feature can already detect the IoT devices within your environments. And with our comprehensive reporting, you can generate easy to understand reports for any compliance need.

Be prepared for the IoT and start a trial of Syxsense today!

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party updates from March 2018:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

AIR: v29.0.0.112 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html

 

Flash Player: v29.0.0.113 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html

 

Shockwave Player: v12.3.2.202 – https://helpx.adobe.com/shockwave/release-note/release-notes-shockwave-12.html

 

N/A
Don Ho  

Notepad: v7.5.6 – https://notepad-plus-plus.org/news/notepad-7.5.6-released.html

 

N/A
Evernote Corporation  

Evernote: v6.10.3.6921 – https://evernote.com/download

 

N/A
FileZilla FTP Solution v3.31 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: v65.0.3325.184 – https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os_23.html

 

N/A
 

Irfan Skiljan

 

IrfanView: v4.51 – https://www.irfanview.com/main_history.htm
 

Malwarebytes

 

Antivirus  

Malwarebytes: v3.4.4.2398 – https://www.malwarebytes.com/support/releasehistory/

 

Mozilla Brower and Email Client  

Firefox: 59.0.2 – https://www.mozilla.org/en-US/firefox/59.0.2/releasenotes/

 

Thunderbird: 52.7.0 – https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/

 

N/A
 

The Document Foundation

 

LibreOffice: v6.0.2 – https://www.libreoffice.org/download/release-notes/
 

 

VSRevoGroup

 

RevoUninstallerFree: v2.0.5 – https://www.revouninstaller.com/revo_uninstaller_full_version_history.html

 

RevoUninstallerPro: v3.2.1 – https://www.revouninstaller.com/revo_uninstaller_pro_full_version_history.html

 

 

WinSCP

 

WinSCP: v5.13 – https://winscp.net/eng/docs/history
Wireshark Network Protocol Analyzer  

2.4.5 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html

 

N/A
|||||

Internet of Threats: Third-Party Patch Update

By NewsNo Comments
[vc_single_image image=”23698″ img_size=”full”]

Managing the Risks of IoT

Our definition of a necessary third-party patch is about to get much broader. With more IoT devices connecting to your network, it becomes mandatory to know what’s out there.

Back in May 2017, an 11-year old boy took the stage and showed that cybersecurity is about to get much more difficult. Using a Raspberry Pi, Python, and a Wi-Fi enabled teddy bear, this ‘cyber ninja’ scanned a cybersecurity conference and hacked devices from the audience.

Reuben Paul, the boy in question, tweeted after: “It was fun but I hope people did not miss the message – Secure IoT before the Internet of Toys becomes the Internet of Threats.”

This lesson must not be missed. We must find a way to secure the Internet of Things. Attacks are already being executed taking advantage of the IoT. When an 11-year-old can illustrate the dangers using a teddy bear, it’s time to take a hard look at what any of us are doing to protect our businesses.

We’ve already begun to see the IoT change the way we live and work. As this trend accelerates, solutions need to emerge to protect our privacy.

Syxsense is ready and at the forefront of that battle. Our product is the first of its kind; able to detect and manage devices in the IoT.

Come see the future of IT management and start a trial of Syxsense.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]
[vc_separator]

Third-Party Patch Updates

Below is a table of third-party Updates from January 2018:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

Flash, AIR, and ActiveX: 28.0.0.137 – https://helpx.adobe.com/flash-player/release-note/fp_28_air_28_release_notes.html

 

N/A
Apple Media Software  

iTunes: 12.7.3 – https://support.apple.com/kb/dl1814?locale=en_US

 

Safari: 11.0.3 – https://support.apple.com/en-us/HT208475

 

macOS High Sierra: 10.13.3 – https://support.apple.com/en-us/HT208465

 

CRITICAL
Don Ho  

Notepad: 7.5.4 – https://notepad-plus-plus.org/news/notepad-7.5.4-released.html

 

N/A
Evernote Corporation  

Evernote: 6.8.7.6387 – https://evernote.com/download

 

N/A
FileZilla FTP Solution 3.30 – https://filezilla-project.org/versions.php

 

N/A
Google Browser  

Chrome: 64.0.3282.119 – https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html

 

N/A
Mozilla Brower and Email Client  

Firefox: 58.0.1 – https://www.mozilla.org/en-US/firefox/58.0.1/releasenotes/

 

Thunderbird: 52.6.0 – https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/

N/A
Oracle  

JavaJDK: 8u162 – http://www.oracle.com/technetwork/java/javase/8u162-relnotes-4021436.html

 

JavaJDK: 9.0.4 – http://www.oracle.com/technetwork/java/javase/9-0-4-relnotes-4021191.html

 

N/A
Wireshark Network Protocol Analyzer 2.4.4 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html N/A