Adobe releases out-of-band security updates in its products
Adobe is considered one of the widely used third-party applications in the market with over 15 million active subscriptions. As announced earlier, Adobe has released out-of-band security updates today to patch a total of 82 security vulnerabilities across products listed below. Adobe Acrobat and Reader Adobe Experience Manager Adobe Experience Manager Forms Adobe Download Manager Of these 82 vulnerabilities, 45 are rated critical and if exploited, attackers can execute arbitrary code in the context
Scan Systems Stuck at "In Progress"
I am using Vulnerability Manager Plus v10.0.337. I am trying to scan 2 PC's that are part of domain. The OS of both machines is Windows 7. The agent is installed on both PC's. The scan is successful on the server that has Vulnerability Manager Plus. PC's can ping to the server, vice versa. .
Patch Tuesday September 2019 updates from ManageEngine
Good day. Quick update on the September 2019 Patch Tuesday. New Security Bulletins : 2019-09 Security Update for Adobe Flash Player for Windows (KB4516115) 2019-09 Security Only Quality Update for Windows Server 2008 (KB4516051) 2019-09 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4516033) 2019-09 Security Only Quality Update for Windows Server 2012 (KB4516062) 2019-09 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4516064) 2019-09 Cumulative
Patch Tuesday August 2019 updates from ManageEngine
Good day. Quick update on the August 2019 Patch Tuesday. New Security Bulletins : 2019-08 Security Only Quality Update for Windows Server 2008 (KB4512491) 2019-08 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4512486) 2019-08 Security Only Quality Update for Windows Server 2012 (KB4512482) 2019-08 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4512489) 2019-08 Cumulative Update for Windows 10 Version 1809 and Windows Server 2019 (KB4511553) 2019-08
July 2019 Patch Tuesday updates
New Security Bulletins : 2019-07 Security Only Quality Update for Windows Server 2008 (KB4507461) (CVE-2019-1132) 2019-07 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4507456) (CVE-2019-1132) 2019-07 Security Only Quality Update for Windows Server 2012 (KB4507464) (CVE-2019-0880) 2019-07 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4507457) (CVE-2019-0880) 2019-07 Cumulative Update for Windows 10 Version 1803 and Windows Server 2016 (1803)
Mozilla fixed Zero-day vulnerabilities in Firefox
Mozilla addressed two zero-day vulnerabilities in Mozilla Firefox that were being used in targeted attacks in the wild. CVE-2019-11707 is a type confusion vulnerability in Mozilla Firefox that can result in an exploitable crash. CVE-2019-11708 is a sandbox escape vulnerability. Combining both CVE-2019-11708 and CVE-2019-11707, attackers can perform arbitrary code execution. Thunderbird is also affected but generally cannot be exploited since scripting is disabled when reading mail. Following this,
Microsoft Patch Tuesday updates for June 2019
New Security Bulletins : 2019-06 Security Update for Adobe Flash Player for Windows (KB4503308) 2019-06 Security Only Quality Update for Windows Server 2008 (KB4503287) 2019-06 Security Only Quality Update for Windows 7 and Windows Server 2008 R2 (KB4503269) 2019-06 Security Only Quality Update for Windows Server 2012 (KB4503263) 2019-06 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 (KB4503290) 2019-06 Cumulative Update for Windows 10 Version 1607 and Windows Server 2016
Microsoft releases a fix for the Wormable vulnerability(CVE-2019-0708)
Microsoft released this month's edition of Patch Tuesday with fix for a highly critical vulnerability. This vulnerability (CVE-2019-0708), dubbed "Wormable vulnerability", resides in "Remote Desktop Services" component and could be exploited remotely by sending specially crafted requests over RDP(Remote Desktop Protocol) to a targeted system. This vulnerability is present in Windows 7, Windows Server 2008 R2, Windows Server 2008 and in older versions like Windows XP and Windows 2003 as well.
Critical bug fixes in Google Chrome 74.0.3729.108
The Chrome team has rolled out the latest version Chrome 74.0.3729.108 with a huge list of bug fixes and improvements. This update comes with nearly 39 security fixes. Below is the list of CVE IDs that are mentioned 'Critical' CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5812 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5816 CVE-2019-5817 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5823 To patch
Remote code execution vulnerability found in Apache Tomcat for Windows
Almots all the major versions (Apache Tomcat 7.x, Apache Tomcat 8.x and Apache Tomcat 9.x ) of the widely used server application Apache Tomcat, are affected with a remote code execution vulnerability (CVE-2019-0232). A Remote code execution vulnerability is a critical vulnerability that allows an attacker to access your system and make changes, no matter where they are. This vulnerability is fixed in the latest update for each Apache Tomcat release. Thererefore, it is imperative that you detect
Apache 2.4.39 to fix important web server vulnerabilities
The CVE-2019-0211, a privilege escalation vulnerability, affecting Apache versions 2.4.17 to 2.4.38 could allow any under-privileged user to execute arbitrary code on the targeted server with root privileges. This vulnerability along with three low and two other important severity issues are addressed in the latest Apache httpd 2.4.39 version. With Vulnerability Manager Plus, you can detect these vulnerabilities and your network servers that are affected by these vulnerabilities. It is advisable
Google Chrome is affected by zero day vulnerabilities
Zero day vulnerabilities have been disclosed for different versions of Chrome. Vulnerability Affected versions Type confusion vulnerability in JSPromise::TriggerPromiseReactions Google Chrome 72.0.3626.96 (Official Build) (64-bit) Google Chrome 74.0.3702.0 (Official Build) dev (64-bit) Type confusion vulnerability in V8TrustedTypePolicyOptions::ToImpl Google Chrome 72.0.3626.81 (Official Build) (64-bit) Internal object leak vulnerability in ReadableStream Not known To know which systems
Microsoft warns BSOD on devices after enabling EUDC
Microsoft has warned that if per font end-user-defined characters (EUDC) is enabled, the system will stop working and a blue screen will appear at startup. But it can be avoided if you don't install the following updates: KB4489894, KB4489890, KB4489888 and KB4489889. Vulnerability Manager Plus has suspended these updates and for users who already have these updates in your endpoints, kindy follow the steps given in the Microsoft's official KB article. https://support.microsoft.com/en-in/help/4496149
Critical updates released for Mozilla Thunderbird, iCloud, and iTunes
Apple and Mozilla have released critical updates in their products — iCloud 7.11.0.19, iTunes 12.9.4.102 and Thunderbird 60.6.1 respectively. Vulnerability Manager Plus now supports patching for these updates. Below are the CVE IDs of the vulnerabilities that are addressed in the latest update for each application. Application: iCloud (7.11.0.19) CVE IDs addressed: CVE-2019-8542,CVE-2019-6232,CVE-2019-8506,CVE-2019-8535,CVE-2019-6201,CVE-2019-8518,CVE-2019-8523,CVE-2019-8524,CVE-2019-8558,CVE-2019-8559,CVE-2019-8563,CVE-2019-8515,CVE-2019-8536,CVE-2019-8544,CVE-2019-7285,CVE-2019-8556,CVE-2019-8503,CVE-2019-7292,CVE-2019-8551,CVE-2019-6236.
Critical security updates released for Firefox 66.0.1
Mozilla has released updates to address two critical vulnerabilities in Firefox 66.0.1 and Firefox 66.6.1 ESR (Extended Support Release). These vulnerabilities, that are addressed in CVE-2019-9810 and CVE-2019-9813, come as fixes for incorrect handling of files in IonMonkey (Mozilla's JIT compiler for SpiderMonkey). Vulnerability Manager Plus now supports these critical Mozilla updates. To patch your Mozilla Firefox with these latest critical updates, look for Patch IDs 309305,309306,309307 and 309309.
Chrome 73 to patch a huge list of critical vulnerabilities
Google Chrome has rolled out Chrome 73 for Windows, Mac and Linux. Around 60 security fixes are included in the Chrome 73.0.3683.75 update. Below is a highlighted list of fixes that address critical vulnerabilities: Workaround: Search for the following patch IDs: 309179 (for 32 bit) ,309181 (for 64) in Vulnerability Manager Plus and deploy them immediately to stay secure against the above mentioned vulnerabilities.
Launching Vulnerability Manager Plus: Hunt down security loopholes with 100% precision
Amp up your endpoint security game with ManageEngine's all-new Vulnerability Manager Plus. Pinpoint, prioritize, and eliminate vulnerabilities with ease. With Vulnerability Manager Plus' 360-degree visibility, you can eliminate blind spots, uncover exposed areas of your network, and seal security loopholes before they lead to a breach. Vulnerability Manager Plus delivers the threat intelligence necessary to predict real risks from a plethora of vulnerabilities, and acts as a strategic partner in
