Vulnerabilities

Vulnerability Posts

Update for Tenable Agents version 10.8.2

The Tenable agents used to scan the UD environment for vulnerabilities has released a updated version 10.8.2 that fixes multiple issues including an bug that will cause some versions to go offline during plugin updates. Security Operations will be reaching out to...

November Microsoft Vulnerability Notice

There are multiple critical patches for November.  Please note that if additional attack vectors or new exploits are released the priority for remediation will change. Kerberos issues (CVE-2024-43639) will require expedited remediation if credible exploits are...

Updated patches for most Apple products

On July 29, Apple issued multiple security updates to address vulnerabilities impacting many current Apple products.  Review the July 29 entries on the Apple security updates page: https://support.apple.com/en-us/HT201222 Please upgrade to the latest patched software...

Google Chrome patches – Updated May 24, 2024

Google has released updated patches to address several vulnerabilities. Please review your browser version to make sure you are running the most recent stable release. The remediated stable version for Windows and Mac users is version 125.0.6422.112 or or later and...

Apple patches available for most products

Apple has published patches on May 14, 2024 that are recommended for testing and installation on all impacted systems. Some of the vulnerabilities may allow remote code execution. Please review the following advisories and apply necessary updates:  Safari 17.5 iOS...

Microsoft May 2024 Security Updates

There are known exploits for 2 of the new vulnerabilities released. Neither of these expose remote code execution. This patch is critical for SharePoint systems. Exploit code is expected for a vulnerability that allows an attacker to execute any desired code on the...

April Microsoft Security Update

There are no known exploits for the new vulnerabilities released. Guidance will be adjusted if and when exploits are released publicly.  The most significant patches are to ODBC drivers for connections to SQL server and Windows Defender SmartScreen...

March Microsoft Security Updates

There are no published exploits for any of the vulnerabilities released for March. Guidance will be adjusted if and when exploits are released publicly.  The most significant patches are to Hyper-V, Exchange Server and OMI for Linux servers.   Expedited patching is...

Microsoft Patch Tuesday February 2024

There are critical patches that do not have published exploits. Guidance will be adjusted if and when exploits are released publicly.  The most significant patches are to Exchange Server and Microsoft Office.   Expedite patching for any system using Exchange...