Weekly Patch and Update Summary for Week of September 2, 2016
By Kimberly Matsumoto on September 2, 2016
For all patches and updates listed below please use the appropriate updating methods for your system. It is advised that you patch and update your system as soon as possible.
Apple
Apple has released security updates to address vulnerabilities found in OS X and Safari. Some of these vulnerabilities may allow a remote attacker to gain control of a system.
List of Updates:
Apple has also released a security update to address vulnerabilities in iOS. Some of these vulnerabilities may allow a remote attacker to gain control of a system. For more information please see: iOS 9.3.5.
Cisco
Cisco has released many updates to address vulnerabilities in a variety of products. Some of these vulnerabilities may allow a remote attacker to gain control of a system.
List of Updates:
- Cisco Wireless LAN Controller wIPS Denial of Service Vulnerability cisco-sa-20160831-wlc-2
- Cisco Wireless LAN Controller TSM SNMP Denial of Service Vulnerability cisco-sa-20160831-wlc-1
- Cisco WebEx Meetings Player Denial of Service Vulnerability cisco-sa-20160831-webex
- Cisco Virtual Media Packager PAM API Unauthorized Access Vulnerability cisco-sa-20160831-vmp
- Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability cisco-sa-20160831-sps3
- Cisco Small Business 220 Series Smart Plus Switches Web Interface Denial of Service Vulnerability cisco-sa-20160831-sps2
- Cisco Small Business 220 Series Smart Plus Switches Web Interface Cross-Site Scripting Vulnerability cisco-sa-20160831-sps1
- Cisco Small Business 220 Series Smart Plus Switches Web Interface Cross-Site Request Forgery Vulnerability cisco-sa-20160831-sps
- Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability cisco-sa-20160831-spa
- Cisco WebEx Meetings Player Arbitrary Code Execution Vulnerability cisco-sa-20160831-meetings-player
- Cisco Hosted Collaboration Mediation Fulfillment Directory Traversal File System Vulnerability cisco-sa-20160831-hcmf
- Cisco Hosted Collaboration Mediation Fulfillment Authenticated Directory Traversal Vulnerability cisco-sa-20160831-hcm
- Cisco Firepower Management Center Privilege Escalation Vulnerability
- Cisco Firepower Management Center Remote Command Execution Vulnerability
- Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability
- Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability
- Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU Denial of Service Vulnerability
- Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability
- Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol Denial of Service Vulnerability
- Cisco Adaptive Security Appliance CLI Remote Code Execution Vulnerability
- Cisco Firepower Management Center Cross-Site Scripting Vulnerability
- Cisco IP Phone 8800 Series Denial of Service Vulnerability
- Cisco Identity Services Engine Admin Dashboard Page Cross-Site Scripting Vulnerability
- Cisco Smart Call Home Transport Gateway Cross-Site Scripting Vulnerability
- Cisco Unified Communications Manager Information Disclosure VulnerabilityCisco WebEx Meetings Server Information Disclosure Vulnerability
Fortinet
Fortinet has released a security advisory highlighting a vulnerability in versions of FortiGate firmware released before August 2012. This vulnerability may allow a remote attack to gain control of a system. For more information please see: Fortinet Advisory.
Google has released Chrome version 53.0.2785.89 to address vulnerabilities for Windows, Mac and Linux. Some of these vulnerabilities may allow a remote attacker to gain control of a system. For more information please see: Stable Channel Update for Desktop.
VMWare
VMWare has released updates to address vulnerabilities in VMWare Identity Manager and vRealize Automation. One of these vulnerabilities may allow a remote attacker to gain control of a system. For more information please see: VMWare Security Advisory.
Ubuntu
Canonical has released many security updates for their operating system Ubuntu. For more information please see Ubuntu Security Notices.
List of Updates:
- USN-3070-4: Linux kernel (Xenial HWE) vulnerabilities
- USN-3070-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities
- USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities
- USN-3072-2: Linux kernel (OMAP4) vulnerabilities
- USN-3072-1: Linux kernel vulnerabilities
- USN-3071-2: Linux kernel (Trusty HWE) vulnerabilities
- USN-3071-1: Linux kernel vulnerabilities
- USN-3070-1: Linux kernel vulnerabilities
- USN-3069-1: Eye of GNOME vulnerability
- USN-3067-1: HarfBuzz vulnerabilities
- USN-3068-1: Libidn vulnerabilities
- USN-3066-1: PostgreSQL vulnerabilities
- USN-3065-1: Libgcrypt vulnerability
- USN-3064-1: GnuPG vulnerability
- USN-3063-1: Fontconfig vulnerability
- USN-3062-1: OpenJDK 7 vulnerabilities
- USN-3061-1: OpenSSH vulnerabilities
-
Weekly Patch and Update Summary for Week of February 17, 2017
Weekly Patch and Update Summary for Week of February 17, 2017
2/21/2017 -
Weekly Patch and Update Summary for Week of November 18, 2016
Weekly Patch and Update Summary for Week of November 18, 2016
11/17/2016 -
Weekly Patch and Update Summary for Week of November 11, 2016
Weekly Patch and Update Summary for Week of November 11, 2016
11/10/2016