Monthly Patches are out for Microsoft and Adobe. New Alerts for Tenable, SolarWinds, NetApp, Zoom, Intel, and Linux. Fortinet Monthly Patches are out, but with no remotely exploitable vulnerabilities.
Microsoft Exploit
Microsoft Monthly Patches include 90 CVEs, 9 rated Critical, 6 are actively exploited, Highest CVSSv3 score of 9.8
More info. And here.
Adobe has published Monthly Patches for Illustrator, Dimension, Photoshop, InDesign, Acrobat Reader, Bridge, Substance 3D Stager/Sampler/Designer, Commerce, and InCopy. Most vulnerabilities require local privileges, but one is remotely exploitable. Highest CVSSv3 score of 9.0
More info.
Tenable
Security Center has been updated to fix vulnerabilities in third-party software included in the product. Highest CVSSv3 score of 9.1
More info.
SolarWinds Web Help Desk is susceptible to a Java Deserialization RCE vulnerability that would allow a remote attacker to run commands on the host machine. CVSSv3 score of 9.8
More info.
Multiple NetApp products incorporate Freetype which could lead to a DoS. CVSSv3 score of 6.5
More info.
Zoom has published 9 new bulletins, 2 rated High and 7 rated Medium. Highest CVSSv3 score of 8.5
More info.
Intel has published 43 new bulletins, 2 of which identify remotely exploitable vulnerabilities that could allow DoS.
More info. And here. And here.
Red Hat has updated the kernel and kernel-rt. More info.
SUSE has updated the kernel. More info.
Comments