CISA – The US government Cybersecurity and Infrastructure Security Agency – is one of my trusted sources of information when it comes to software and firmware vulnerabilities and patching.
Patching
It is the week of Microsoft Patch Tuesday – here is the CISA advisory for Microsoft products:
Microsoft Releases July 2023 Security Updates | CISA
Of course other vendors also release their patching when Microsoft does:
Fortinet Releases Security Update for FortiOS and FortiProxy | CISA
Adobe Releases Security Updates for ColdFusion and InDesign | CISA
Mozilla Releases Security Update for Firefox and Firefox ESR | CISA
Known Exploited Vulnerabilities Catalog
And from last week – an Android driver vulnerability added to CISA comprehensive database of known exploited vulnerabilities.
CISA Adds One Known Vulnerability to Catalog | CISA
CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
Clive Catton MSc (Cyber Security) – by-line and other articles
