October 19, 2017

Microsoft Releases May 2017 Security Updates

Via US-CERT

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system.

US-CERT encourages users and administrators to review Microsoft’s May 2017 Security Update Summary and Deployment Information and apply the necessary updates.

May 8, 2017

Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system.

Users and administrators are encouraged to review Microsoft Security Advisory 4022344 for details and apply the necessary update.

Adobe Releases Security Updates (May 9, 2017)

Via US-CERT

Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Experience Manager Forms. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletins APSB17-15 and APSB17-16 and apply the necessary updates.

Intel Firmware Vulnerability (May 7)

Via US-CERT:

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect Intel-based consumer PCs. An attacker could exploit this vulnerability to take control of an affected system.

Users and administrators are encouraged to review Intel Security Advisory INTEL-SA-00075 and updated mitigations and tools:

US-CERT recommends users and administrators review Vulnerability Note VU#491375 for additional information and refer to their original equipment manufacturer (OEM) for updated firmware.

May 5, 2017: Mozilla Releases Firefox Security Updates

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR.

An attacker could exploit this vulnerability to take control of an affected system.

US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53.0.2 and Firefox ESR 52.1.1 and apply the necessary updates.

Microsoft Ending Security Updates for Windows 10 version 1507

After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates.

US-CERT encourages users and administrators to review Microsoft’s Windows 10 version 1507 post for more information and to apply necessary updates.

via: https://www.us-cert.gov/ncas/current-activity/2017/05/04/Microsoft-Ending-Security-Updates-Windows-10-version-1507