Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Microsoft fixes 88 flaws, Adobe security updates, Intel’s advisories, and many more: Patch Tuesday – Week 2, June 2019

Microsoft fixes 88 flaws, Adobe security updates, Intel’s advisories, and many more: Patch Tuesday – Week 2, June 2019

Adobe

Adobe has released security updates to fix major vulnerabilities in its Adobe Flash, Adobe ColdFusion, and Adobe Campaign software products. The update for Flashpatches a critical use-after-free vulnerability (CVE-2019-7845) that can lead to arbitrary code execution (ACE) attack. The ColdFusion updates also address three critical ACE vulnerabilities (CVE-2019-7838, CVE-2019-7839, and CVE-2019-7840) in the platform. On the other hand, seven vulnerabilities that existed in Adobe Campaign, including one rated critical (CVE-2019-7850), was also remediated with new updates.

Intel

For this month, Intel has published various advisories that address security vulnerabilities found in multiple firmware and software products. Out of the 25 vulnerabilities addressed, nine were rated as high severity. The high-impact flaws were found in Intel NUC, Intel RAID Web Console 3 (RWC3), Intel Accelerated Storage Manager and in Intel Rapid Storage Technology Enterprise (RSTe). The flaws could lead to an escalation of privilege(EoP), denial of service (DoS) or result in information disclosure (ID).

Other products covered in the advisories include vulnerabilities in Intel® Turbo Boost Max Technology 3.0 driver, Open Cloud Integrity Technology (Open CIT), OpenAttestation, Intel® Omni-Path Fabric Manager GUI, ITE Tech* Consumer Infrared Driver for Windows 10, INF Update Utility, Intel® PROSet/Wireless WiFi Software and Intel® SGX driver for Linux. A microprocessor related-flaw was also addressed.

Intel has planned to release software updates for the affected products, except for the Turbo Boost Max Technology 3.0 driver, which it has decided to issue a Discontinuation Notice to users.

Microsoft

Microsoft has rolled out monthly updates which fix 88 security vulnerabilities. Among them, 21 flaws had a rating of ‘Critical’. Vulnerabilities mostly included remote code execution (RCE), ID and cross-site scripting (XSS) flaws that affected various products. The affected products listed in the updates are:

  • Adobe Flash Player
  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • Microsoft Office and Microsoft Office Services and Web Apps
  • ChakraCore
  • Skype for Business and Microsoft Lync
  • Microsoft Exchange Server
  • Azure

In the updates, the tech giant has also patched four (CVE-2019-1069, CVE-2019-1053, CVE-2019-1064, CVE-2019-0973) out of five zero-day vulnerabilities uncovered last month.

SAP

SAP has published 11 security notes in this month along with three follow-up updates to previous notes. The security notes address DoS, XSS, ID, clickjacking and missing authorization check vulnerabilities found in many of its products. Products impacted from the flaws are SAP NetWeaver Process Integration, SAP Work Manager, SAP Inventory Manager, SAP R/3 Enterprise Application, SAP HANA Extended Application Services and SAP NetWeaver AS ABAP Platform.

VMware

VMware fixes two major vulnerabilities which impacted its VMware Tools and Workstation products. While the update for VMware Tools resolves an out-of-bounds read (CVE-2019-5522) vulnerability in a software driver, the update for Workstation is for a use-after-free (UAF) vulnerability (CVE-2019-5525) present in the backend. The UAF has a CVSS score of 8.5 and the out-of-bounds read flaw scores 7.1.

Ubuntu

Ubuntu has released software updates for the recent vulnerabilities discovered in Vim and Neovim applications. Both the applications could be exploited with RCE attacks due to file handling issues in these software. Apart from this, Ubuntu has also announced updates for applications such as DBus, GLib, libsndfile, and elfutils, which housed DoS and RCE vulnerabilities.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket