Monthly Patches are out for Microsoft (Exploit) and Adobe. New Alerts for Apple (Exploit), Contec, Google Chrome, Rockwell Automation, Dell, NETGEAR, and Mozilla.
Palo Alto Networks Monthly Patches are expected out this afternoon.
Microsoft Exploit
Microsoft Monthly Patches include 74 vulnerabilities, 7 are Critical, 1 was previously disclosed, and 1 is being exploited. Highest CVSSv3 score of 8.8
More info. And here. And here.
Apple released updates for iOS/iPadOS, MacOS, TVOS, WatchOS, and Safari, fixing 39 vulnerabilities. One vulnerability in WebKit is being exploited.
More info. And here.
Adobe has published updates for Experience Manager, Illustrator, and Campaign Classic. Updates are rated Important.
M ore info.
CONPROSYS HMI System (CHS) contains an OS Command Injection vulnerability that could allow a remote attacker to send specially crafted requests to execute commands on the server. CVSSv3 score of 10.
More info. And here.
Google has updated Chrome for Desktop to fix 8 security vulnerabilities.
More info.
MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. CVSSv3 score of 8.2
More info.
The webserver of the Micrologix-1400 B PLC contains a vulnerability that may lead to a DoS. CVSSv3 score of 7.5
More info.
Dell NetWorker Management Console remediation is available for Apache Vulnerability in port 9090 that may be exploited by remote attackers to compromise the affected system. Highest CVSSv3 score of 9.1 Dell rates this Critical.
More info.
NETGEAR is aware of a pre-authentication buffer overflow security vulnerability on the RAX30. CVSSv3 score of 7.5
More info.
NETGEAR is aware of multiple vulnerabilities on the RAX30. These vulnerabilities require an attacker to have your WiFi password or an Ethernet connection to your network to be exploited. Highest CVSSv3 score of 7.8
More info.
Mozilla has updated Thunderbird, Firefox, and Firefox ESR. All three bulletins are rated High.
More info.