Vulnerability Posts
Update to latest Google Chrome 114
Google has released browser updates 114.0.5735.106 for Mac and Linux and 114.0.5735.110 for Windows to resolve multiple vulnerabilities including CVE-2023-3079 which is currently being exploited. Please expedite deployment of these browser updates.
Chrome desktop updates – Expedite patching
Google has released v112.0.5615.121 which remediates issues that have been used in known exploits (CVE-2023-2033). Please confirm Chrome browsers use this version or higher on all desktop platforms.
Adobe Releases Security Updates for Multiple Products
From CISA Adobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. UDIT encourages users and administrators to review the following CISA advisories and...
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal security...
Patch Now: New critical vulnerability in Windows systems could allow complete device takeover
Information Technologies strongly recommends you immediately update any systems running supported Windows OS versions (client and server) with the 2019-08 cumulative or security only patch. As part of its August 13th patch bundle, Microsoft has released fixes for...
What to do about WannaCry
Computers in over a hundred countries have been affected by the ransomware WannaCry; one of the most notable victims was the National Health Service (NHS) in the United Kingdom. No UD systems were affected by WannaCry, but we would like to share some security tips in...
KeeFarce tool compromises security of KeePass password manager
Passwords can be a chore; even those who laud the security offered by password protection for accounts and devices acknowledge that many people don't like having to invent and memorize secure passwords. It's exactly that perspective that leads some people to use...
Microsoft pushing fix for dangerous Sandworm vulnerability. Reminder: Don’t open attachments from untrusted sources
A dangerous zero-day exploit that affects MS Windows computers and MS Windows servers has been spotted (CVE-1012-4114). It's called Sandworm and has been attacking computers and servers as a payload included in infected PowerPoint files. The possibility exists that it...
Windows XP support ends
Microsoft has announced that as of April 8, 2014, Windows XP will no longer be supported. According to Microsoft, after that date, "your XP computer[s] will no longer receive automatic updates." As a result, security vulnerabilities in Windows XP will no longer be...