Vulnerability Posts
November Microsoft Vulnerability Notice
There are multiple critical patches for November. Please note that if additional attack vectors or new exploits are released the priority for remediation will change. Kerberos issues (CVE-2024-43639) will require expedited remediation if credible exploits are...
Updated patches for most Apple products
On July 29, Apple issued multiple security updates to address vulnerabilities impacting many current Apple products. Review the July 29 entries on the Apple security updates page: https://support.apple.com/en-us/HT201222 Please upgrade to the latest patched software...
Google Chrome patches – Updated May 24, 2024
Google has released updated patches to address several vulnerabilities. Please review your browser version to make sure you are running the most recent stable release. The remediated stable version for Windows and Mac users is version 125.0.6422.112 or or later and...
Apple patches available for most products
Apple has published patches on May 14, 2024 that are recommended for testing and installation on all impacted systems. Some of the vulnerabilities may allow remote code execution. Please review the following advisories and apply necessary updates: Safari 17.5 iOS...
Microsoft May 2024 Security Updates
There are known exploits for 2 of the new vulnerabilities released. Neither of these expose remote code execution. This patch is critical for SharePoint systems. Exploit code is expected for a vulnerability that allows an attacker to execute any desired code on the...
April Microsoft Security Update
There are no known exploits for the new vulnerabilities released. Guidance will be adjusted if and when exploits are released publicly. The most significant patches are to ODBC drivers for connections to SQL server and Windows Defender SmartScreen...
March Microsoft Security Updates
There are no published exploits for any of the vulnerabilities released for March. Guidance will be adjusted if and when exploits are released publicly. The most significant patches are to Hyper-V, Exchange Server and OMI for Linux servers. Expedited patching is...
Microsoft Patch Tuesday February 2024
There are critical patches that do not have published exploits. Guidance will be adjusted if and when exploits are released publicly. The most significant patches are to Exchange Server and Microsoft Office. Expedite patching for any system using Exchange...
VMware vCenter updates
VMware vCenter users are encouraged to review the information for VMSA-2023-0023.1 and ensure they are running vCenter version that are not impacted by the vulnerabilities (CVE-2023-34048 and CVE-2023-34056)
Update web browsers including Chrome and Firefox
Google has released updates to remediate known exploited issues in their browser. Please update Chrome to versions higher than 120.0.6099.224 to prevent attacks using CVE-2024-0519. Please review vendor specific notices for browsers derived from Chrome including...