Adobe Tackles Over 100 Vulnerabilities

A new set of security updates from Adobe has just been released. These new updates effect Acrobat, Reader, Flash Player, Connect, and Experience Manager. Over 100 vulnerabilities are patched thanks to these updates.

The risk involved in not deploying the new updates is that a remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.

Robert Brown, Director of Services said, “Many of these updates are Priority 2, which means they should be highly prioritised for deployment this month.” Ensure these updates are a part of your patching strategy.

Microsoft Half-Year Evaluation

According to an article by The Zero Day Initiative, there seems to a be a rise in the number of bugs reported in Microsoft products. However, they caution that this doesn’t mean that there is an increase in issues with the product. The number of bug reports has increased 121% from the same period last year.

The number of released patches is only up by 8%, so the article argues this is an indicator of program growth. A large number of these bugs were also in the browser space; IE, Edge, and Chakra Core.

Keep an eye on Microsoft’s Patch Tuesday releases as they may attempt to increase their output of updates.

Microsoft Releases 50 Updates

For June Patch Tuesday, Microsoft has released a massive 50-update rollup that affects every version of Windows still in support. Included are fixes for the Windows OS, Internet Explorer, Microsoft Edge, the ChakraCore JavaScript engine, Microsoft Office and Microsoft Office Services, and Web Apps.

If you are using Windows 10, this latest cumulative update also comes with other quality improvements, including a fix for an issue that caused PCs to boot to a black screen. If you’ve had issues with brightness controls on your laptop, Microsoft recommends you apply this latest update as well.

Robert Brown, Director of Services for Verismic says, “Windows 10 cumulative updates are a huge benefit for IT Managers who need to update their systems as quickly as possible. However, there is a disadvantage  that comes in the form of additional testing. You cannot separate the cumulative updates so you need to be sure when you start deploying that it’s fully tested.

Even the smaller updates like the screen brightness issue above can cause huge disruption for your employees. Using Syxsense can make that process more efficient as you can schedule those test deployments from a single internet browser.  If any update is seen to cause an issue, you can easily omit that update until a fix is provided.”

Urgent Update for Google Chrome & Mozilla Firefox

Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux. Thanks to work by security researcher Michal Bentkowski, Google was made aware of, and patched, this high severity vulnerability. While details are limited, the vulnerability seems to be an issue with handling CSP header that could lead to an attacker gaining control of the targeted device.

Mozilla has also released security updates to address critical vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system.

Start a free trial of Syxsense to enhance your patch strategy with more efficiency and simplicity today.