August Third-Party Patches & Security Updates
Explore the latest third-party and security updates and find out which patches should be prioritized this month to protect your environment.[vc_empty_space]
Which third-party patches should you prioritize?
VideoLAN has released an update this week to resolve two high-risk vulnerabilities in the VLC media player application. The discovered vulnerabilities allow an attacker to manipulate the .MKV extension so that a file can be used to gain control of the victim’s device. A total of 15 defects were made public on Monday by VideoLAN and a new version was released on August 19.
Additionally, Google Chrome received an update earlier this month resolving a high-severity use-after-free vulnerability in the PDFium viewer (CVE-2019-5868), as well as a medium-severity vulnerability (CVE-2019-5867)
Firefox also had a moderate vulnerability addressed regarding stored passwords and master password entry (CVE-2019-11733). “When a master password is set, it is required to be entered again before stored passwords can be accessed in the ‘Saved Logins’ dialog,” stated Mozilla regarding version 68.0.2. “It was found that locally stored passwords can be copied to the clipboard thorough the ‘copy password’ context menu item without re-entering the master password if the master password had been previously entered in the same session, allowing for potential theft of stored passwords.”
Why focus on patching third-party applications?
Delays in patching third party applications with dangerous vulnerabilities can leave your endpoints wide open to attack.
Syxsense provides true network security and lets you manage every threat with the click of a button. Keep up with the constant stream of security threats and patches for third-party software applications, such as Adobe, Java, Chrome and more.
|Title||Description||CVSS||CVSS Severity||Vendor||Date Published|
|Acrobat_ReaderDC_v15.006.30499(Classic Track 2015)||NA||NA||Adobe||8/13/19|
|Acrobat_ReaderDC_v17.011.30144(Classic Track 2017)||NA||NA||Adobe||8/13/19|
|AcrobatDC_v15.006.30499(Classic Track 2015)||NA||NA||Adobe||8/13/19|
|AcrobatDC_v17.011.30144(Classic Track 2017)||NA||NA||Adobe||8/13/19|
|Chrome_v76.0.3809.100||The Stable channel has been updated to 76.0.3809.100||8.8||High||8/6/19|
|Firefox_v68.0.2||Version 68.0.2, first offered to Release channel users on August 14, 2019||NA||NA||Mozilla||8/14/19|
|Opera_v62.0.3331.116||Opera 62.0.3331.116 Stable update||NA||NA||Opera||8/7/19|
|VLC Media Player_v3.0.8||NA||NA||VideoLAN||8/19/19|