Vulnerabilities

Vulnerability Posts

Microsoft Patch Tuesday February 2024

There are critical patches that do not have published exploits. Guidance will be adjusted if and when exploits are released publicly.  The most significant patches are to Exchange Server and Microsoft Office.   Expedite patching for any system using Exchange...

VMware vCenter updates

VMware vCenter users are encouraged to review the information for VMSA-2023-0023.1 and ensure they are running vCenter version that are not impacted by the vulnerabilities (CVE-2023-34048 and CVE-2023-34056)

November MS Patch Vulnerabilities

Recommending expedited patching for any system using Microsoft MQ, Azure CLI, or Hyper-V. There are critical rated patches for impacting these systems.  Normal patching and testing for all other services.  There are Microsoft Office patches as well so please...

October MS Patch Vulnerabilities

Recommending expedited patching for any system using Microsoft MQ, Microsoft Exchange, or the Routing and Remote Access Service . There are 9 critical rated patches for Routing and Remote Access Service and 15 for MS MQ.  Please patch as soon as possible if using...

Chrome Update Available

A Chrome browser vulnerability has been released that can be use to execute remote code on systems. The following versions are impacted: Chrome versions prior to 116.0.5845.180 for Windows Chrome versions prior to 116.0.5845.187/.188 for Mac and Linux Please update...

Update Firefox to latest version available

Mozilla has released patches including a fix to an issue that enables an attacker to execute code remotely. Please update to the latest version of Firefox(116 or higher for most systems) or Firefox ESR (115.1 or 102.14 or higher). Review the  Firefox 116, Firefox ESR...