UPDATE Cisco is warning users this week that several of its products — routers, gateways, data centers, and the like — suffer from vulnerabilities, including one critical one.
Browsing Category: Vulnerabilities
Google joined the Patch Tuesday parade with a Chrome update that patches seven vulnerabilities in the browser. It also announced it was extending Safe Browsing protection to Chrome for Android.
Apple has piled on the patches already released by Adobe and Microsoft today, and pushed out updates for iOS, OS X, Apple TV, Safari, and it’s watch-based operating system watchOS.
Microsoft patches 71 vulnerabilities in its December Patch Tuesday security bulletins, including two currently under attack. It has also revoked a leaked Xbox Live certificate and private key.
Adobe’s monthly Flash Player update patches 79 code execution vulnerabilities, including 56 use-after-free flaws.
Google’s monthly over-the-air Nexus security updates for December included patches for a critical flaw in Mediaserver and a rooting vulnerability in the Android kernel.
The OpenSSL Software Foundation patched four vulnerabilities on Thursday, likely the last time that two older versions of the software library will receive updates.
Adobe’s announcement that it has retooled—and renamed—Flash is a longterm signal that the vulnerable and fatigued platform is on its last legs.
Cisco patched its WebEx mobile app for Android, and published advisories warning of vulnerabilities in three other products.
Rapid7 disclosed that Advantech EKI industrial control gear remains vulnerable to Shellshock and Heartbleed, in addition to a host of other vulnerabilities.