The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued a number of security advisories and added to its Known Exploited Vulnerabilities Catalog. This is one of my key sites for keeping our clients up to date with vulnerabilities and patches. Cyber Security Advisories Not all of this software …
CISA had a busy day yesterday
I regularly check the The US government Cybersecurity and Infrastructure Security Agency (CISA) site s it is a good source for patch and vulnerability alerts. Yesterday they posted security advisories for a range of products including Cisco, Drupal, and VMware: Cisco Releases Security Advisories for Multiple Products | CISA Drupal …
CISA adds a software development tool vulnerability to the Known Exploited Vulnerabilities Catalog and security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability for Telerik, a software development tool, to it’s Known Exploited Vulnerabilities Catalog: CISA Has Added One Known Exploited Vulnerability to Catalog | CISA This week CISA also released a security advisory for a range of Apple products, …
Other patches and updates in the news
Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates: AWS fixes vulnerability affecting …
VMware, Citrix and Microsoft security advisories from CISA
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued the following security advisories: Citrix Releases Security Updates for ADC and Gateway | CISA VMware Releases Security Updates | CISA This is the advisory for Microsoft’s Patch Tuesday: Microsoft Releases November 2022 Security Updates | CISA
VMware – vulnerabilities in their remote-control software
There are many, many users of VMware, I use it, so any vulnerability is critical especially as the VMware is designed for controlling systems! VMware warns of three critical flaws in remote-control tool • The Register
Check your VMware is patched and up-to-date or according to Ars Technica you will get a Halloween surprise
There is a particularly nasty exploit going around the will according to an article on Ars Technica, install a “witch’s brew of malware” on vulnerable systems: VMware bug with 9.8 severity rating exploited to install witch’s brew of malware | Ars Technica The patch for CVE-2022-22954 is out, just get it …