CND News and Blog

New Vulnerabilities Wednesday 02 November


Monthly Patches are out for Fortinet. New Alerts for OpenSSL, Dell, Google LTS ChromeOS, and Linux.     
Splunk Quarterly Patches were pushed to today.

OpenSSL 

OpenSSL released version 3.0.7, which patches two related vulnerabilities rated as High. Although originally rated Critical, it was determined the complexity to exploit the RCE vulnerability warranted a downgrade. Expect a ripple of product updates where OpenSSL is used.
More info. And here.

Juniper has published an out-of-cycle bulletin for OpenSSL. More info.
Node.js will publish security updates for OpenSSL. More info.

Note that with this type of widely reported software update that affects so many products, after this alert we will not report individual products that update for this vulnerability.

Dell 

Dell EMC Cyber Recovery remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this Critical.
More info.

Dell XC remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system. Dell rates this High.
More info.

Fortinet 

Fortinet Monthly Patches are out, with 16 bulletins, 6 rated High, 7 rated Medium, and 3 rated Low.
More info.

Google 

Google has updated the LTS channel of ChromeOS for several security fixes, all rated High.
More info.

Linux 

SUSE has updated the kernel and OpenSSL. More info.
OpenSUSE has updated the kernel and OpenSSL. More info.
Red Hat has updated the kernel and OpenSSL. More info.
Oracle Linux has updated the kernel and OpenSSL. More info.
Ubuntu has updated OpenSSL. More info.
Gentoo Linux has updated OpenSSL. More info.



Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

A mobile version of our Security Wizardry Radar Page, providing vulnerability details and visibility for a variety of software and industries.

SecurityWizardry.com - Vulnerability Details

Security Wizardry Radar Page provides vulnerability details and visibility for a variety of software and industries.

Report Print
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 28 January 2023

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cndltd.com/

Are You Ready To Find Out More?

Arrange a Chat With Our Friendly Service Delivery Team.