F5 Releases Security Advisories Addressing Multiple Vulnerabilities | CISA
Mozilla Releases Security Updates for Firefox and Firefox ESR | CISA
CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
F5 is a company supplying infrastructure performance and security services to companies – so if you use them, get reading.
Mozilla Firefox just needs the updates checking and updating.
The five exploits are more interesting to a wider audience. Two of them impact Apple products – these exploits are referred to as a “confusion vulnerability” allowing the “processing of maliciously crafted web content, leading to arbitrary code execution”. The next two impact Microsoft one involves Internet Explorer (Use Edge or some other browser) and the other is a privilege escalation vulnerability.
The fifth impacts OpenSSL – this is an issue as it means if you are relying on older (not updated) OpenSSL certificates they are open to exploitation and the execution of malicious remote code on the devices.
All the exploits can be patched.
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
Redline information stealer malware targets Internet Explorer – Smart Thinking Solutions
