You should update Windows and Chrome now: June saw the release of multiple security updates, with important patches issued for the likes of Google Chrome and Android, as well as dozens of patches for Microsoft products, including fixes for Windows zero-day vulnerabilities that attackers have already exploited. There were no Apple updates at the time of writing, but the month also brought some major enterprise-focused patches for Citrix, SAP, and Cisco products.
Here’s what you need to know about the major Windows update and the other patches that were released last month.
Microsoft’s Patch Tuesday release was pretty heavy in June, including fixes for 55 bugs in the tech giant’s products. Tuesday’s patch is particularly important because it fixes an already exploited Remote Code Execution (RCE) issue in Windows dubbed Follina, which Microsoft has known about since at least May.
Tracked as CVE-2022-30190, Follina, which exploits vulnerabilities in the Windows Support Diagnostic Tool and can be executed without opening a document, has already been used by multiple criminal groups and state-sponsored attackers.
All three vulnerabilities mentioned in Patch Tuesday that affect Windows Server are RCE flaws and are rated critical. However, the patches appear to be breaking some VPN and RDP connections, so be careful.
Google Chrome updates keep coming thick and fast. That’s not a bad thing, because the world’s most popular browser is one of the biggest targets for hackers by default. In June, Google released Chrome 103, which includes patches for 14 vulnerabilities, some of which are serious.
Tracked as CVE-2022-2156, a use-after-free issue in Base reported by Google’s Project Zero bug-hunting team could lead to arbitrary code execution, denial of service, or data corruption. Worse, the flaw could lead to full system compromise when combined with other vulnerabilities.
Among the multiple Android security issues that Google patched in June, the most serious was a critical security vulnerability in a system component that could lead to remote code execution without the need for additional execution privileges, Google said in its Android Security Bulletin.
Google also released updates for its Pixel devices to patch issues in the Android framework, media framework and system components.
Samsung users seem to be in luck with Android updates of late, with the device maker rolling out its patches very quickly. The June security update is no different, hitting the Samsung Galaxy Tab S7 series, Galaxy S21 series, Galaxy S22 series and Galaxy Z Fold 2 directly.
Software maker Cisco released a patch in June to address a critical vulnerability in Cisco Secure Email and Web Manager and the Cisco Email Security Appliance that could allow a remote attacker to bypass authentication and log into the web management interface of an affected device.
Cisco said the issue, tracked as CVE-2022-20798, could be exploited by an attacker entering something specific on an affected device’s login page that provides access to a web-based management interface.
Citrix has issued an alert asking users to patch some major vulnerabilities that could allow attackers to reset admin passwords. Vulnerabilities in Citrix Application Delivery Management could lead to system corruption by a remote, unauthorized user, Citrix said in a security bulletin. “The effect of this is to reset the administrator password on the next device reboot, allowing an attacker with ssh access to connect with default administrator credentials after the device reboots,” the company wrote.
Citrix recommends that traffic to the Citrix ADM’s IP address be segregated from standard network traffic. It says this reduces the risk of exploitation. However, the vendor urged customers to install updated versions of Citrix ADM Server and Citrix ADM Agent “as soon as possible.”
Software company SAP has released 12 security patches as part of its June Patch Day, three of which are serious. The first one listed by SAP relates to an update released on the April 2018 Patch Day and applies to Google Chromium, the browser control used by the company’s business clients. Details about this vulnerability are not available, but it has a severity score of 10, so a patch should be applied immediately.
Another major fix concerns an issue in the SAProuter proxy on NetWeaver and the ABAP platform that allows attackers to execute SAProuter administration commands from a remote client. The third major patch fixes a privilege escalation bug in SAP PowerDesigner Proxy 16.7.
Splunk has released some out-of-band patches for its Enterprise product, addressing issues including a critical-rated vulnerability that could lead to arbitrary code execution.
Labeled CVE-2022-32158, the flaw allows an adversary to compromise a Universal Forwarder endpoint and execute code on other endpoints connected to the deployment server. Fortunately, there is no indication that the vulnerability has been exploited in any real-world attacks.
Ninja Forms, a WordPress plug-in with more than a million active installations, has addressed a serious problem that is likely being exploited by attackers in the wild. “We discovered a code injection vulnerability that made it possible for an unauthorized attacker to call a limited number of methods in various Ninja Forms classes, including a method that unserializes user-supplied content, leading to object injection,” security analysts at the Wordfence Threat Intelligence team said in an update.
This allows attackers to execute arbitrary code or delete arbitrary files on specific sites where a POP chain is present, researchers say.
The bug was completely fixed in versions 126.96.36.199, 3.1.10, 3.2.28, 188.8.131.52, 184.108.40.206, 220.127.116.11 and 3.6.11. It looks like WordPress has forced an automatic update for the plug-in, so your site may already be using one of the patched versions.
Australian software company Atlassian has released a patch to fix a zero-day flaw that has already been exploited by attackers. Tracked as CVE-2022-26134, the RCE vulnerability in Confluence Server and Data Center can be used to backdoor Internet-exposed servers.
GitLab has issued patches for versions 15.0.1, 14.10.4 and 14.9.5 for GitLab Community Edition and Enterprise Edition. The updates include important security fixes for eight vulnerabilities, one of which could allow account takeover.
With this in mind, the company “strongly recommends” that all GitLab installations be upgraded to the latest version “as soon as possible”. GitLab.com is already running a patched version.
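As an added example (not GitLab's or the article's own code), the check below triages a list of self-managed GitLab instances against the three patched releases named above. The host names and inventory are constructed, and treating branches older than 14.9 as unpatched is an assumption, since the article lists no fix for them.

```python
import re

# Patched releases named in the article, keyed by (major, minor) branch.
PATCHED = {(15, 0): (15, 0, 1), (14, 10): (14, 10, 4), (14, 9): (14, 9, 5)}


def parse_version(text):
    """Turn '14.10.3-ee' or 'v15.0.1' into a tuple of ints: (14, 10, 3).

    Comparing tuples avoids the string-comparison trap where
    '14.10.4' sorts before '14.9.5'.
    """
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def needs_upgrade(installed):
    """Return True when the installed version predates the patched releases."""
    version = parse_version(installed)
    branch = version[:2]
    if branch in PATCHED:
        return version < PATCHED[branch]
    # Assumption: branches older than the oldest patched one got no fix,
    # and branches newer than the newest already contain it.
    return branch < min(PATCHED)


def triage(inventory):
    """Return {host: version} for hosts that still need the upgrade."""
    return {host: ver for host, ver in inventory.items() if needs_upgrade(ver)}


# Constructed inventory (hypothetical host names and versions).
INVENTORY = {
    "git-prod": "14.10.3-ee",
    "git-dev": "14.9.5",
    "git-lab2": "15.0.1-ee",
    "git-old": "13.12.15",
    "git-edge": "v14.10.4",
}

if __name__ == "__main__":
    for host, ver in sorted(triage(INVENTORY).items()):
        print(f"{host}: {ver} -> upgrade")
```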