Third-Party Patch Update: August 2018

Chrome Vulnerability Endangers Your Private Data

A vulnerability has been found within Chrome that would allow actors to access information stored by other web platforms, such as major data hoarders Facebook and Google.

CVE-2018-6177 was uncovered by Ron Masas, a security researcher from Imperva, and reported to Google. “With several scripts running at once — each testing a different and unique restriction — the bad actor can relatively quickly mine a good amount of private data about the user,” Masas said.With their latest release, v68.0.3440.106, Google says the issue has been fixed. At the time of writing this article, there are no known active exploits of this vulnerability.

We recommend you update to the latest version of Chrome immediately.Use Syxsense to inventory your environment and rapidly deploy any needed updates. On the home screen, you can quickly see which devices require critical updates.

By clicking on the graph, you’ll jump right into a patch deployment process, prepopulated to deploy critical updates to all devices that need them. You can easily modify this task to be more specific or start the task as-is to deploy the critical patches.

Third-Party Patch Updates

Below is a table of third-party updates:

Vendor Category Patch Version and Release Notes: CVSS SCORE
Adobe Media Software  

Acrobat DC: v18.011.20058 –


Acrobat DC: v17.011.30099 –


Acrobat DC: v15.006.30448 –


Flash Player Plugin and ActiveX: v30.0.0.154 –


Apple Media Software  

iTunes: v12.8.0.150 –




Don Ho  

Notepad++: v7.5.8



Evernote: v6.14.5.7671 –


FileZilla FTP Solution  

FileZilla: v3.35.2 –


GNOME Foundation Image Processing and Editing  

GIMP: v2.10.6 –


Google Browser  

Chrome: v68.0.3440.106 –


KeePass Password Manager  

KeePass: v2.39.1 –


Mozilla Browser and Email Application  

Firefox: v61.0.2 –


Thunderbird: v60.0 –