2 actively exploited zero-days in Chrome fixed along with updates for Edge for Chromium
Hello everyone, Google has recently patched 2 actively exploited zero-day vulnerabilities in Chrome, making this the fourth and fifth actively exploited vulnerability addressed in the past week. The details of the vulnerabilities are as follows: CVE
Security updates released for Chrome, Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2
Hello everyone, Along with this month's Patch Tuesday updates, Google and Mozilla released updates for Chrome and Firefox respectively. Chrome stable channel has been updated to 86.0.4240.193 for Windows, Mac & Linux. The updates by Google and Mozilla
Patch Tuesday November 2020 Updates
Hi there, This Patch Tuesday brings the following fixes and updates. New Security Bulletins : 2020-11 Security Only Quality Update for Windows Server 2008 Systems (KB4586817) (ESU) (CVE-2020-17087) 2020-11 Security Only Quality Update for Windows 7 and
Adobe releases security updates for Adobe Acrobat & Adobe Reader
Hello All, Adobe has released security updates for Adobe Acrobat and Adobe Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context
Security vulnerabilities fixed in Chrome stable channel update 86.0.4240.183
Hello everyone, Chrome stable channel has been updated to 86.0.4240.183 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities are as follows: CVE ID Vulnerability
Oracle releases 8 security patches for Java SE
Hello everyone, Oracle in its Critical Patch Update has released 8 security patches for Java SE. The vulnerabilities addressed are as follows: CVE ID Product Supported versions affected Attack complex CVE-2020-14803 Java SE Java SE: 11.0.8,
Security vulnerabilities fixed in Firefox 82 and Firefox ESR 78.4
Hello everyone, Mozilla has released updates for Firefox 82 and Firefox ESR 78.4. These updates fix several security vulnerabilities, the details of which are as follows: CVE ID Vulnerability Severity CVE-2020-15969 Use-after-free in usersctp High
Adobe releases critical security updates for Flash Player
Hello everyone, Adobe has released security updates for Adobe Flash Player for Windows, macOS, and Linux. These updates address a critical vulnerability in Adobe Flash Player. Successful exploitation could lead to an exploitable crash, potentially resulting
October Patch Tuesday updates
Hello everyone, Below is the list of updates from October 2020 Patch Tuesday New Security Bulletins : 2020-10 Security Update for Adobe Flash Player for Windows (KB4580325) KB4579977, 2020-10 Security and Quality Rollup for .NET Framework 4.5.2 for Windows
Security vulnerabilities fixed in Chrome stable channel 86.0.4240.75 update
Hello everyone, Chrome 86 has been promoted to stable channel Chrome 86.0.4240.75, for Windows, Mac and Linux. This update comes with several fixes and improvements. Below are the details of the security fixes: CVE ID Vulnerability Severity CVE-2020-15967 Use after free in payments Critical CVE-2020-15968 Use after free in Blink High CVE-2020-15969 Use after free in WebRTC High CVE-2020-15970 Use after free in NFC High CVE-2020-15971 Use after free in printing
Firefox 81 and Firefox ESR 78.3 patches high severity vulnerabilities
Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3. The CVE IDs addressed in the latest version are as follows: CVE ID Description Severity CVE-2020-15677 Download origin spoofing via redirect Moderate CVE-2020-15676 XSS when pasting attacker-controlled data into a contenteditable element Moderate CVE-2020-15678 When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario
CISA's Emergency Directive 20-04 mandates federal agencies to mitigate CVE-2020-1472 (Netlogon Elevation of Privilege Vulnerability)
This advisory applies to: All Federal Executive Branch Departments and Agencies, Except for the Department of Defense, Central Intelligence Agency, and Office of the Director of National Intelligence. On August 11, 2020, Microsoft issued a security update to mitigate CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability in Windows Server operating systems. This vulnerability exists within the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), an interface used for user and machine authentication
Google Chrome releases stable channel update 85.0.4183.121
Hello folks, Google Chrome has recently updated the stable channel to 85.0.4183.121. The CVE IDs addressed in the latest version and their corresponding severity are as follows: CVE-2020-15960 - High CVE-2020-15961 - High CVE-2020-15962 - High CVE-2020-15963 - High CVE-2020-15965 - High CVE-2020-15966 - Medium CVE-2020-15964 - Low Patch Manager Plus now supports patches to address the aforementioned CVEs and update Google Chrome to the latest version 85.0.4183.121 for Windows, Mac, and Linux.
Patch Tuesday September 2020 - Supported updates
Hello there, Below is the breakdown of all the updates released in September 2020 Patch Tuesday. New Security Bulletins : 2020-09 Security Monthly Quality Rollup for Windows Server 2008 Systems (KB4577064) (ESU) - Not Supported 2020-09 Security Only Quality Update for Windows Server 2008 Systems (KB4577070) (ESU) 2020-09 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 Systems (KB4577053) (ESU) 2020-09 Security Only Quality Update for Windows Server 2012 Systems (KB4577048) 2020-09
Chrome stable channel update fixes 20 security vulnerabilities
Hello everyone, Chrome 85 has been promoted to the stable channel 85.0.4183.83 for Windows, macOS, and Linux. This update comes with fixes for 20 security vulnerabilities, the details of which are given below: CVE ID Vulnerability details Severity CVE-2020-6558 Insufficient policy enforcement in iOS High CVE-2020-6559 Use after free in presentation API High CVE-2020-6560 Insufficient policy enforcement in autofill Medium CVE-2020-6561 Inappropriate implementation in Content
Security updates released for Firefox 80, ESR 68.12, and ESR 78.2
Hello everyone, Mozilla has released security updates for Firefox 80, Firefox ESR 68.12, and Firefox ESR 78.2. Most of the vulnerabilities fixed are of high severity. The details of the vulnerabilities fixed are as follows: CVE ID Vulnerability details Severity CVE-2020-15663 Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege High CVE-2020-15664 Attacker-induced prompt for extension installation High CVE-2020-12401 Timing-attack
Out-of-band updates released for Windows 8.1 and Windows Server 2012 R2
Hello everyone, Microsoft on August 19, released an emergency out-of-band update for two privilege escalation vulnerabilities disclosed in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems. The vulnerabilities are tracked as CVE-2020-1530 and CVE-2020-1537. Both of these vulnerabilities exist in Windows Remote Access Service (RAS) and when exploited, grant elevated privileges to remote attackers. A patch for both vulnerabilities for Windows 10, Windows 7, and Windows Server 2008,
Patch update delayed since application is used by another process
Is there anyway to automatically add computers with patches that cannot install due to the fact that the user has them in use to be added to the automated restart schedule that takes place for updates that require a restart. I find in some scenarios computers might have 10 or so updates wanting to install, however the update its trying to install wont install as the user has it open so it will constanly retry to the count i have set before it fails and then continues to install the others. Is there
August Patch Tuesday - Non-security and Third party updates
Hello everyone, Below is the list of the supported Non-security and Third party updates from August Patch Tuesday NON-SECURITY UPDATES : Update for Microsoft Office 2016 (KB4484418) Update for Microsoft Project 2016 (KB4484477) Update for Skype for Business 2016 (KB4484464) Update for Microsoft Office 2010 (KB4484454) Update for Microsoft PowerPoint 2010 (KB4092435) NON-SECURITY SQL SERVER UPDATES : Cumulative Update Package 6 for SQL Server 2019 - KB4563110 Cumulative Update Package 14 for SQL
August Patch Tuesday security updates
Hello everyone, Below is the list of the security updates supported from August Patch Tuesday New Windows Security Updates : 2020-08 Security Only Quality Update for Windows 8.1 (KB4571723) (CVE-2020-1464) 2020-08 Security Only Quality Update for Windows Server 2012 R2 (KB4571723) (CVE-2020-1464) 2020-08 Security Only Quality Update for Windows Server 2012 (KB4571702) (CVE-2020-1464) 2020-08 Security Monthly Quality Rollup for Windows 8.1 (KB4571703) (CVE-2020-1464) (CVE-2020-1380) 2020-08 Security
Security fixes released for Adobe Acrobat and Reader
Hello everyone, Adobe has released security updates for Acrobat and Reader for Windows and macOS. Most of the updates are rated 'critical' and 'important'. Successful exploitation of these vulnerabilities could lead to arbitrary code execution in the context of the current user. The affected versions are as follows: Acrobat DC Continuous - 2020.009.20074 and earlier versions Acrobat Reader DC Continuous - 2020.009.20074 and earlier versions Acrobat 2017 Classic 2017 - 2017.011.30171 and earlier versions
Chrome stable channel update 84.0.4147.125 fixes several security vulnerabilities
Hello everyone, Google has updated its stable channel for Chrome to 84.0.4147.125 for Windows, macOS, and Linux. This update comes with 15 security fixes. The vulnerabilities addressed are as follows: CVE ID Vulnerability Severity CVE-2020-6542 Use after free in ANGLE High CVE-2020-6543 Use after free in task scheduling High CVE-2020-6544 Use after free in media High CVE-2020-6545 Use after free in audio High CVE-2020-6546 Inappropriate implementation in installer
API access to view remarks
In the on premise version of Desktop Central when waiting for a configuration to deploy of missing patches for a computer you can view remarks for it which tells you the estimated time they will deploy. Is there any way to see that using the API? Also is there any way to actually have Desktop Central deploy immediately insead of sometimes having to wait for an hour even though the patches are downloaded and ready to install?
Security updates released for Firefox 79 and Firefox ESR 68.11
Hello everyone, Mozilla has fixed several security vulnerabilities in Firefox 79 and Firefox ESR 68.11. The details of the vulnerabilities are as follows: CVE ID Vulnerability Severity CVE-2020-15652 Potential leak of redirect targets when loading scripts in a worker High CVE-2020-6514 WebRTC data channel leaks internal address to peer High CVE-2020-15655 Extension APIs could be used to bypass Same-Origin Policy High CVE-2020-15653 Bypassing iframe sandbox when allowing
Chrome updated to stable channel 84.0.4147.105
Hello everyone, Google Chrome has been updated to stable channel 84.0.4147.105 for Windows, macOS, and Linux. This update fixes several security vulnerabilities, the details of the same are presented below: CVE ID Vulnerability Severity CVE-2020-6537 Type Confusion in V8 High CVE-2020-6538 Inappropriate implementation in WebView High CVE-2020-6532 Use after free in SCTP High CVE-2020-6539 Use after free in CSS High CVE-2020-6540 Heap buffer overflow in Skia High
Issue with PMP since custom patch
I have been having an issue getting a problem resolved that I've had since I requested a product enhancement to PMP. Our Company had a need for an enhancement that we reached out to ME about, and they seemed super happy to develop it. When they gave me the enhancement, I installed it, but it didn't seem to work all the way. I reahced out to them, and they remoted in and did some work on it that, on the outset, seemed to get the functionality going. Unfortunately, it appears to have broken my patch
Security updates for Microsoft Edge (Chromium - based)
Hello everyone, Security updates for Microsoft Edge (Chromium-based) has been released to fix several vulnerabilities. The details of the vulnerabilities addressed are as follows: CVE-ID Vulnerability details Severity CVE-2020-6510 Heap buffer overflow in background fetch Critical CVE-2020-6511 Side-channel information leakage in content security policy High CVE-2020-6512 Type Confusion in V8 High CVE-2020-6513 Heap buffer overflow in PDFium High CVE-2020-6514
Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350)
Hello there, Patch Tuesday July 2020 comes with a fix for the critical vulnerability CVE-2020-1350 in Windows DNS Server. This vulnerability is classified 'wormable' and has been given a CVSS score of 10. Cause of this vulnerability: This vulnerability exists due to the improper handling of requests by Windows Domain Name System (DNS) Servers. Impact of this vulnerability: To exploit this vulnerability, an unauthenticated attacker should send malicious requests to a Windows DNS server.
Patch Tuesday July 2020 - Supported updates
Hello everyone, Below is breakdown of all the updates released this Patch Tuesday. New Security Bulletins : 2020-07 Servicing Stack Update for Windows 10 Version 1809 and Windows Server 2019 (KB4558997) 2020-07 Servicing Stack Update for Windows 10 Version 1803 (KB4565552) 2020-07 Servicing Stack Update for Windows 10 Version 1709 (KB4565553) 2020-07 Servicing Stack Update for Windows 10 Version 1903 and Windows Server, version 1903 (KB4565554) 2020-07 Servicing Stack Update for Windows 10 Version
Google stable channel updated to 84.0.4147.89
Hello everyone, Chrome 84 has been updated to stable channel 84.0.4147.89 for Windows, Mac, and Linux. Various security issues have been fixed with this release, the details of which are as follows: CVE-ID Vulnerability details Severity CVE-2020-6510 Heap buffer overflow in background fetch Critical CVE-2020-6511 Side-channel information leakage in content security policy High CVE-2020-6512 Type Confusion in V8 High CVE-2020-6513 Heap buffer overflow in PDFium High
Google releases chrome stable channel update 83.0.4103.116
Hello everyone, Google has updated its chrome stable channel to 83.0.4103.116 for Windows, Mac, and Linux. This following high severity vulnerability has been fixed in this release. CVE-2020-6509: Use-after-free in extensions To patch this vulnerability using Patch Manager Plus, initiate a sync between the Patch Database and Patch Manager Plus server. Once this is done, search for the following Patch IDs or Bulletin ID and install them in target systems. Patch ID Bulletin ID Patch Description
Chrome stable channel update fixes 3 vulnerabilities
Hello folks, Google has updated its chrome stable channel to 83.0.4103.106 for Windows, Mac, and Linux. This update comes with fixes for three vulnerabilities. The details of these vulnerabilities are as follows: CVE ID Vulnerability Severity CVE-2020-6505 Use after free in speech High CVE-2020-6506 Insufficient policy enforcement in WebView High CVE-2020-6507 Out of bounds write in V8 High To install this update using Patch Manager Plus, initiate a sync between the Patch Database and Patch
Windows SMB protocol hit again by a new critical vulnerability - SMBleed
Hello everyone, A mere three months after patching a wormable SMBv3 vulnerability dubbed SMBGhost (CVE-2020-0796), cybersecurity researchers have identified another similar vulnerability in Windows SMB protocol. This vulnerability is called SMBleed (CVE-2020-1206) and has a severity rating score of 10. What is SMBleed? SMBleed is a new critical wormable vulnerability found in the Windows Server Message Block (SMB) protocol. This vulnerability allows attackers to leak kernel memory remotely. SMBleed
Patch Tuesday June 2020 - Supported updates
Hello everyone, This month, we are witnessing the largest ever Patch Tuesday with 129 security fixes. Here is the list of supported updates New Security Bulletins : 2020-06 Security Update for Adobe Flash Player for Windows (KB4561600) 2020-06 Security Only Quality Update for Windows Server 2008 (KB4561645) (ESU) 2020-06 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4561669) (ESU) 2020-06 Security Only Quality Update for Windows Server 2012 (KB4561674) 2020-06 Security
Chrome releases security updates to fix critical vulnerabilities
Hello everyone, Chrome has updated its stable channel to 83.0.4103.97 for Windows, Mac, and Linux. This update comes with security fixes for several vulnerabilities. The details of the vulnerabilities are as follows: CVE ID Vulnerabilities Severity CVE-2020-6493 Use after free in WebAuthentication High CVE-2020-6494 Incorrect security UI in payments High CVE-2020-6495 Insufficient policy enforcement in developer tools High CVE-2020-6496 Use after free in payments High To patch these vulnerabilities
Mozilla releases security fixes for Firefox 77
Hello everyone, Mozilla has released security fixes for vulnerabilities in Firefox 77. The details of the vulnerabilities fixed are as follows CVE ID Vulnerability Severity CVE-2020-12399 Timing attack on DSA signatures in NSS library High CVE-2020-12405 Use-after-free in SharedWorkerService High CVE-2020-12406 JavaScript type confusion with NativeTypes High CVE-2020-12407 WebRender leaking GPU memory when using border-image CSS directive Moderate CVE-2020-12408 URL spoofing when using IP
Rollout of Windows 10 2004 Feature updates
Hello All, A Quick heads-up, Microsoft has released its Windows 10 2004 feature updates for users. Below you can find a few highlights of this feature update. Fast identity authentication through Windows Hello is now supported across all major browsers. Windows Defender system guard enables a higher level of firmware protection. Setup Diag is automatically installed. Improvements in Windows Powershell cmdlets. Go ahead and read this document to know what the pre-requisites are and how
Introducing support for Driver and BIOS updates in Patch Manager Plus
Hello everyone, We are delighted to announce that you can now update Drivers and BIOS using Patch Manager Plus. With this addition, Patch Manager Plus goes one step further to fulfilling all the patching requirements present in a business environment. You can avail these updates from Patch Manager Plus build version 10.0.545. Driver and BIOS updates are also supported on Patch Manager Plus Cloud. For a complete list of the supported Driver and BIOS updates, refer this document. Cheers, ManageEngine
Chrome 83.0.4103.61 fixes 38 security flaws
Hello everyone, The latest stable version of the web browser ' Google Chrome ', version 83.0.4103.61, aka Chrome 83, is released for Windows, Mac and Linux. This update contains 38 security fixes and packs a number of new features including enhanced privacy controls, new settings for managing cookie files, a new Safety Check option, support for tab groups, new graphics for web form elements, a new API for detecting barcodes, and a new anti-XSS security feature. Here's a quick glance at the list
Adobe releases patches for vulnerabilities in Reader and Acrobat
Hello everyone, In this month's security release, Adobe has fixed security vulnerabilities in Reader and Acrobat for Windows and macOS. If these vulnerabilities are exploited, they could cause remote code execution attacks and information leaks. The details of the vulnerabilities are as follows: CVE-ID Severity Impact CVE-2020-9610 Important Application denial-of-service CVE-2020-9612 Critical Arbitrary Code Execution CVE-2020-9615 Critical Security feature bypass CVE-2020-9597 CVE-2020-9594
Next Page