Security Notices for IT Professionals
Microsoft Patch Tuesday February 2024
There are critical patches that do not have published exploits. Guidance will be adjusted if and when exploits are released publicly. The most significant patches are to Exchange Server and Microsoft Office. Expedite patching for any system using Exchange...
Update Firefox and Thunderbird to latest version available
Mozilla has released patches including a fix to an issue that enables an attacker to load content without a click from a user. Please update to the latest version of Firefox(115 or higher for most systems) and Thunderbird (102.13 or higher) if installed. Review the...
Update to latest Google Chrome 114
Google has released browser updates 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows to resolve multiple vulnerabilities including CVE-2023-3079 which is currently being exploited. Please expedite deployment of these browser updates.
Chrome desktop updates – Expedite patching
Google has released v112.0.5615.121 which remediates issues that have been used in known exploits (CVE-2023-2033). Please confirm Chrome browsers use this version or higher on all desktop platforms.
Adobe Releases Security Updates for Multiple Products
From CISA Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. UDIT encourages users and administrators to review the following CISA advisories and...
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal security...