NOTE: The indicates the entry has been posted within the last 30 days.
11/29/2022: Google has updated the stable channel for Chrome to 108.0.5359.72 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 11/16/2022: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 102.5. There is also a new personal version of Firefox 107. 11/10/2022: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Security updates are available for macOS Ventura 13.0.1, macOS Big Sur 11.7.1, macOS Monterey 12.6.1, iOS and iPad OS 16.1.1, Safari 16.1. 11/08/2022: Microsoft , on Tuesday, November 8th released patches to address 67 security vulnerabilities in multiple products. Microsoft patched zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), multiple disclosed vulnerabilities were patched for on-premist Exchange Server, Chromium-based Edge, Azure and many others. An attacker who successfully exploits these vulnerability can run arbitrary code with the privileges to compromise credentials and move laterally. SANS Patch Tuesday info is available here. The official Microsoft notification is posted here. 11/02/2022: Red Hat announced patches for the month of November. Please visit the announcement page for more information . 10/26/2022: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Security updates are available for watchOS 9.1, tvOS 16.1, macOS Ventura 13, macOS Big Sur 11.7.1, macOS Monterey 12.6.1, iOS and iPad OS 16.1, Safari 16.1. 10/25/2022: Google has updated the stable channel for Chrome to 107.0.5304.63 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/20/2022: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 102.4. There is also a new personal version of Firefox 106. 10/19/2022: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products including Java SE. The new release for Java is version 8u341. All systems running Java products should be patched as soon as possible to avoid compromise. There are also updates for other products such as Database Server, Sun Solaris, PeopleSoft, Middleware products, SQL Developer and MySql Server. 10/11/2022: Adobe has released security updates for Adobe Reader, Acrobat, and After Effects. These updates address multiple critical and actively exploited vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 09/06/2022: Google has updated the stable channel for Chrome to 105.0.5195.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 08/24/2021: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 91.13. There is also a new personal version of Firefox 104. 08/10/2021: Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system. . 08/09/2022: Microsoft , on Tuesday, August 9th released patches to address 141 security vulnerabilities in multiple products. Microsoft patched zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), multiple disclosed vulnerabilities were patched for on-premist Exchange Server, Chromium-based Edge, Azure and many others. An attacker who successfully exploits these vulnerability can run arbitrary code with the privileges to compromise credentials and move laterally. SANS Patch Tuesday info is available here. The official Microsoft notification is posted here. 08/09/2022: Adobe has released security updates for Adobe Reader, Acrobat, and After Effects. These updates address multiple critical and actively exploited vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 08/09/2022: VMware released security updates to address multiple vulnerabilites, VMSA-2022-0022, a critical advisory addressing security vulnerabilities found and resolved in VMware's vRealize Automation and VMware Cloud Foundation products. 07/26/2022: Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 91.12. There is also a new personal version of Firefox 103. 07/12/2022: Adobe has released security updates for Adobe Reader, Acrobat, Photoshop, Illustrator, Adobe and Adone Commerce. These updates address multiple critical and actively exploited vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 07/05/2022: Google has updated the stable channel for Chrome to 103.0.5060.114 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/30/2022: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 91.11. There is also a new personal version of Firefox 102. 06/23/2022: Google has updated the stable channel for Chrome to 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/14/2022: Microsoft , on Tuesday, June 14th released patches to address 60 security vulnerabilities in multiple products. Three of the vulnerabilities are critical. The most severe critical vulnerability affects Windows’ Network File System (CVE-2022-30136). The second most critical vulnerability affects Windows Hyper-V (CVE-2022-30163) where an attacker can run an application on a guest hosts and execute arbitrary code. Lastly, Follina (CVE-2022-30190) A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. SANS Patch Tuesday info is available here. The official Microsoft notification is posted here. 06/10/2022: Google has updated the stable channel for Chrome to 102.0.5005.115 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/01/2022: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 91.10. There is also a new personal version of Firefox 101. 05/23/2022: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR 91.9.1. There is also a new personal version of Firefox 100.0.2. 05/23/2022: Adobe has released an update for Photoshop for Windows and macOS. This update resolves multiple critical vulnerabilities Successful exploitation could lead to arbitrary code execution in the context of the current user. 05/18/2022: VMware released VMSA-2022-0014, a critical advisory addressing security vulnerabilities found and resolved in VMware's Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. 05/17/2022: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Apple acknowledges awareness of a report that states CVE-2022-22675 may have been actively exploited. CVE-2022-22675 affects watchOS, tvOS, and macOS Big Sur. Security updates are available for watchOS 8.6 tvOS 15.3, macOS Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4, iOS 15.5 and iPad OS 15.5. 05/16/2022: The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to obtain sensitive information. 05/11/2022: Google has updated the stable channel for Chrome to 101.0.4951.64 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 05/10/2022: Microsoft released patches to address more than 75 security vulnerabilities in multiple products. May's patches fix one zero-day vulnerability affecting all versions of Windows, 8 critical flaws and 3 previously disclosed exploits. The most urgent vulnerability Microsoft addressed this month is CVE-2022-26925, a weakness in a central component of Windows security (the "Local Security Authority" process within Windows). According to Microsoft "An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate the attacker using NTLM. The security update detects anonymous connection attempts in LSARPC and disallows it. "Additionally, Microsoft advises that further actions, detailed in KB5005413, are needed to protect the system after applying the patch. View the SANS patch release summary for more information. Please review your patch deployment process and mitigate unpatched systems to prevent exploitation. 05/04/2022: Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. More information is available here: ESR Security Advisories. Downloads are available here: Firefox 91.9 ESR. There is also a new personal version of Firefox 100. 04/27/2022: Google has updated the stable channel for Chrome to 101.0.4951.41 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 04/20/2022: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products including Java SE. The new release for Java is version 8 Update 331. All systems running Java products should be patched as soon as possible to avoid compromise. There are also updates for other products such as Database Server, Sun Solaris, PeopleSoft, Middleware products, SQL Developer and MySql Server. 04/15/2022: Google has updated the stable channel for Chrome to 100.0.4896.127 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 04/12/2022: Microsoft has released 119 new security patches for Patch Tuesday April 2022 including two-zero day vulnerabilities and an additional 26 vulnerabilities in Microsoft Edge. The patches fix issues in LDAP, Azure, Microsoft Defender, DNS Server, Active Directory, Edge Chromium, Office, .Net Framework, Windows RDP, and Print Spooler. If systems are not patched, existing vulnerabilities could allow an attacker access to exploit and take control of an affected system. The official Microsoft notification is posted here. 04/12/2022: Adobe has released security updates for Adobe Reader, Acrobat, Photoshop, Commerce, and After Effects. These updates address multiple critical and actively exploited vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 04/12/2022: Google released Android's April security updates addressing multiple security vulnerabilities affecting Android devices. 04/12/2022: VMware released VMSA-2022-0011, a critical advisory addressing security vulnerabilities found and resolved in VMware's Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. 04/06/2022: Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild. More information is available here: ESR Security Advisories. Downloads are available here: Firefox 91.8 ESR. There is also a new personal version of Firefox 99. 04/06/2022: Google has updated the stable channel for Chrome to 100.0.4896.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 04/01/2022: Apple has released security updates to address multiple vulnerabilities. The recent updates address vulnerabilities in iOS and iPadOS prior to 15.4.1; macOS Montery prior to 12.3.1. All Apple Security Updates are available here. Updates can be applied via the App Store or from Apple downloads. 04/01/2022: Google has updated the stable channel for Chrome to 100.0.4896.60 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 03/17/2022: Google has updated the stable channel for Chrome to 99.0.4844.74 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 03/08/2022: Adobe has released security updates for Photoshop, Illustrator and After Effects. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 03/08/2022: Microsoft has released 71 new security patches for Patch Tuesday, March 2022, addressing vulnerabilities including three zero day bugs and three critical-rated software flaws. The patches fix issues in Windows, Azure Site Recovery, Microsoft Defender for Endpoint, Intune, Edge, Windows HTML Platforms, Office, .NET and Visual Studio, Windows RDP, and SMB Server. According to Zero Day Initiative, the patches are in addition to 21 bugs patched by Microsoft Edge (Chromium-based) earlier this month, bringing the total of bugs patched this month to 92. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 03/08/2022: Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild. More information is available here: ESR Security Advisories. Downloads are available here: Firefox 91.7 ESR. There is also a new personal version of Firefox 98. 03/07/2022: Adobe has released security updates for Adobe Acrobat and Reader version 22.001.20085 for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Security notices for all Adobe products are available here. 03/04/2022: Google has updated the stable channel for Chrome to 99.0.4844.51 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 02/16/2022: VMware has released a security update to address vulnerabilities in multiple products. An attacker could exploit unpatched vulnerabilities to take control of an affected system. The list of affected products can be reviewed here. 02/16/2022: Google has updated the stable channel for Chrome to 98.0.4758.102 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 02/11/2022: Apple has released security updates to address multiple vulnerabilities. The recent updates address vulnerabilities in iOS and iPadOS prior to 15.3.1; macOS Montery prior to 12.2.1; Safari 15.3. All Apple Security Updates are available here. Updates can be applied via the App Store or from Apple downloads. 02/08/2022: Adobe releases security updates for multiple products including Photoshop, Illustrator, Creative Cloud Desktop and more. Security notices for all Adobe products are available here. 02/08/2022: Mozilla has announced a new release for Firefox ESR version 91.6 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 97. 01/25/2022: Google has updated the stable channel for Chrome to 97.0.4692.99 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 01/19/2022: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products including Java SE. The new release for Java is version 8u321. All systems running Java products should be patched as soon as possible to avoid compromise. There are also updates for other products such as Database Server, Sun Solaris, PeopleSoft, Middleware products, SQL Developer and MySql Server. 01/11/2022: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 96 security flaws with six classified as Zero-Day flaws actively being exploited. Products impacted by Microsoft's December security update include Microsoft Office, Microsoft .NET Framework, the Chromium-based Edge browser, Teams, DirectX, Windows Secure Boot and others. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 01/11/2022: Mozilla has announced a new release for Firefox ESR version 91.5 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 96. 01/11/2022: VMware has released a security update to address vulnerabilities in multiple products. An attacker could exploit unpatched vulnerabilities to take control of an affected system. The new version can be downloaded here. 01/03/2022: Google has updated the stable channel for Chrome to 97.0.4692.71 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 12/17/2021: Citrix has released a security update for the Citrix Workspace App for Windows, Mac and Linux.The released version is 2112.1 and is available for download here. The official release notification is posted here. 12/14/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 67 security flaws with seven classified as Critical and a Zero-Day flaw actively being exploited. Products impacted by Microsoft's December security update include Microsoft Office, Microsoft PowerShell, the Chromium-based Edge browser, the Windows Kernel, Print Spooler, and Remote Desktop Client. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 12/14/2021: Google has updated the stable channel for Chrome to 96.0.4664.110 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 12/14/2021: Apple has released security updates to address multiple vulnerabilities. The recent updates address vulnerabilities in iOS and iPadOS prior to 15.2; macOS Montery prior to 12.1; macOS Big Sur prior to 11.6.2; macOS Catalina prior to security update 2021-008 and watchOS prior to 8.3. All Apple Security Updates are available here. Updates can be applied via the App Store or from Apple downloads. 12/10/2021: Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system. . 12/10/2021: The Apache Software Foundation has released a security advisory to address a remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. A remote attacker could exploit this vulnerability to take control of an affected system. McAfee addressed the vulnerability and provided some workarounds. . 12/08/2021: Mozilla has announced a new release for Firefox ESR version 91.4 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 95. 12/07/2021: Google has updated the stable channel for Chrome to 96.0.4664.93 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 12/01/2021: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.This issue is known to be exploited in the wild.This issue only affects Apache 2.4.49 and not earlier versions.. 11/16/2021: Google has updated the stable channel for Chrome to 96.0.4664.45 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 11/09/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 55 security flaws with 49 classified as Important and six Zero-Day vulnerabilities. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 11/04/2021: Mozilla has announced a new release for Firefox ESR version 91.3 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 94. 10/29/2021: Google has updated the stable channel for Chrome to 95.0.4638.69 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/27/2021: Adobe releases security updates for multiple products including Photoshop, Illustrator, Indesign and more. Security notices for all Adobe products are available here. 10/27/2021: Apple has released security updates to address multiple vulnerabilities. The recent updates address vulnerabilities in iOS prior to 15.0.2 and iPadOS prior to 15.0.2. All Apple Security Updates are available here. Updates can be applied via the App Store or from Apple downloads. 10/21/2021: Google has updated the stable channel for Chrome to 95.0.4638.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/20/2021: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u311 should be upgraded on all client workstations. There are also updates for other products such as Database Server, Sun Solaris, PeopleSoft, Middleware products, SQL Developer and MySql Server. 10/20/2021: Microsoft has announced a vulnerability patch for PowerShell version 7. Admins are advised to upgrade to PowerShell 7.0.8 and 7.1.5 versions as soon as possible to protect systems from potential attacks. 10/12/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 78 security flaws with two classified as Critical and the rest classified as Important. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 10/12/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 78 security flaws with two classified as Critical and the rest classified as Important. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 10/12/2021: Adobe releases security updates for multiple products including Acrobat and Reader, Connect and more. Security notices for all Adobe products are available here. 10/12/2021: Apple has released security updates to address multiple vulnerabilities. The recent updates address vulnerabilities in iOS prior to 15.0.2 and iPadOS prior to 15.0.2. All Apple Security Updates are available here. Updates can be applied via the App Store or from Apple downloads. 10/08/2021: Google has updated the stable channel for Chrome to 94.0.4606.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/06/2021: Mozilla has announced a new release for Firefox ESR version 78.15 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 93. 09/30/2021: Google has updated the stable channel for Chrome to 94.0.4606.71 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 09/28/2021: Multiple vulnerabilities have been discovered in Microsoft Edge (Chromium Based) the most severe of which could allow for arbitrary code execution. Microsoft released Edge Chromium version 94.0.992.31 to patch the vulnerabilities. Refer to the release note page for more information 09/28/2021: Google has updated the stable channel for Chrome to 94.0.4604.61 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 09/22/2021: Google has updated the stable channel for Chrome to 94.0.4606.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 09/14/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 86 security flaws with three classified as Critical, one as Moderate, 56 as Important, and two Zero-Day vulnerabilities. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 09/14/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released to address vulnerabilities in iOS 14.8, iPadOS 14.8 etc. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 09/14/2021: Google has updated the stable channel for Chrome to 93.0.4577.82 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 09/08/2021: Mozilla has announced a new release for Firefox ESR version 78.14 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 92. 09/02/2021: Google has updated the stable channel for Chrome to 93.0.4577.63 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 08/18/2021: Google has updated the stable channel for Chrome to 92.0.4515.159 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 08/10/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 51 security flaws with 7 classified as Critical and 37 as Important. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is availablehere. The official Microsoft notification is posted here. 08/10/2021: Ivanti has released Pulse Connect Secure system software version 9.1R12 to address multiple vulnerabilities an attacker could exploit to take control of an affected system. 08/10/2021: Mozilla has announced a new release for Firefox ESR version 78.13 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 90. 08/05/2021: VMware has released a security update to address vulnerabilities in multiple products. An attacker could exploit unpatched vulnerabilities to take control of an affected system. The new version can be downloaded here. 08/04/2021: Google has updated the stable channel for Chrome to 92.0.4515.131 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 07/21/2021: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u301 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 07/21/2021: Google has updated the stable channel for Chrome to 92.0.4515.107 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 07/21/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released to address vulnerabilities in Safari, iOS etc. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 07/20/2021: Adobe releases security updates for multiple products including Adobe Photoshop more. Security notices for all Adobe products are available here. 07/20/2021: Oracle has released its Critical Patch Update for July 2021. This includes updates for many Oracle products. A new release for Java 8u301 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 07/16/2021: Google has updated the stable channel for Chrome to 91.0.4472.164 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 07/13/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for 117 security fixes including Remote Code Execution (RCE) vulnerability in Exchange Server actively exploited. The updates also include CVE-2021-1675 and CVE-2021-34527 for PrintNightmare. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. SANS info is available here. The official Microsoft notification is posted here. 07/13/2021: Mozilla has announced a new release for Firefox ESR version 78.12 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 90. 07/13/2021: VMware has released a security update to address a vulnerability in ESXi, vCenter Server, and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system. The new version can be downloaded here. 07/13/2021: Adobe releases security updates for multiple products including Adobe Acrobat and Reader, Illustrator and more. Security notices for all Adobe products are available here. 06/18/2021: Google has updated the stable channel for Chrome to 91.0.4472.114 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/17/2021: Oracle has released its Critical Patch Update for April 2021. This includes updates for many Oracle products. A new release for Java 8u291 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 06/17/2021: Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco Jabber for mobile platforms could allow an attacker to access sensitive information or cause a denial of service (DoS) condition. Cisco released Jabber 14.0.1 for Widnows and Mac which contains fixes for these vulnerabilities. For more information about these vulnerabilities, see the Cisco advisory page. 06/15/2021: Google has updated the stable channel for Chrome to 91.0.4472.106 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/10/2021: Google has updated the stable channel for Chrome to 91.0.4472.101 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 06/08/2021: Microsoft has released this month's security bulletin for Patch Tuesday. The updates cover fixes for seven actively exploited zero-day vulnerabilities and a total of 50 flaws. If not patched, the vulnerabilities could allow an attacker access to exploit and take control of an affected system. Sans info is available here. The official Microsoft notification is posted here. 06/08/2021: Adobe releases security updates for multiple products including Adobe Acrobat and Reader, Connect, Creative Cloud Desktop, Photoshop Elements and more. Security notices for all Adobe products are available here. 06/03/2021: Cisco has released security updates to address vulnerabilities in multiple Cisco products including Cisco Webex Network Recording Player and Cisco Webex Player. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. 06/02/2021: Multiple vulnerabilities have been discovered in Mozilla Firefox which could allow for arbitrary code execution. Mozilla has announced a new release for Firefox ESR version 78.11 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 89. 05/27/2021: Google has updated the stable channel for Chrome to 91.0.4472.77 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 05/25/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released for Mac OS, iOS and iPadOS An attacker could exploit some of these vulnerabilities to take control of an affected system. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 05/25/2021: Multiple vulnerabilities have been discovered in VMware Workstation Pro and VMware Horizon Client for Windows that could result in information disclosure. VMWare released VMware Workstation 16.1.2 Pro for Windows to patch vulnearabilities. Click here to download the latestes updates. 05/11/2021: Citrix has released security updates to address a vulnerability in Citrix Workspace App for Windows. An attacker could exploit this vulnerability to take control of an affected system. The new version of Citrix Workspace is 21.5.0.48. Citrix Workspace release informaiton is available here. 05/11/2021: Multiple vulnerabilities have been discovered in Mozilla Firefox which could allow for arbitrary code execution. Mozilla has announced a new release for Firefox ESR version 78.10.1 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 88.0.1. 05/11/2021: Google has updated the stable channel for Chrome to 90.0.4430.212 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 05/04/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released for Mac OS 11.3.1, iOS 14.5.1 and iPadOS 14.5.1 An attacker could exploit some of these vulnerabilities to take control of an affected system. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 04/27/2021: Google has updated the stable channel for Chrome to 90.0.4430.93 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 04/26/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released for Mac OS 11.3, iOS 14.5 and iPadOS 14.5 An attacker could exploit some of these vulnerabilities to take control of an affected system. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 04/21/2021: Google has updated the stable channel for Chrome to 90.0.4430.85 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 04/20/2021: Multiple vulnerabilities have been discovered in Mozilla Firefox which could allow for arbitrary code execution. Mozilla has announced a new release for Firefox ESR version 78.10 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 88. 04/15/2021: Google has updated the stable channel for Chrome to 90.0.4430.72 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.The Google Chrome blog is available here. Chrome release information is available here. 04/14/2021: Google has released Chrome browser 89.0.4389.128 for Windows, Mac and Linux. These releases include stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 04/13/2021: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 04/01/2021: Google has released Chrome browser 89.0.4389.114 for Windows, Mac and Linux. These releases include stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 03/26/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released for iOS 14.4.2 and iPadOS 14.4.2. An attacker could exploit some of these vulnerabilities to take control of an affected system. All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 03/24/2021: Mozilla has announced a new release for Firefox ESR version 78.9 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 87. 03/18/2021: Adobe releases security updates for multiple products including Acrobat, Photoshop, Illustrator, Animate and more. Security notices for all Adobe products are available here. 03/12/2021: Google has released Chrome browser 89.0.4389.90 for Windows, Mac and Linux. These releases include stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 03/09/2021: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 03/09/2021: Apple has released security updates to address vulnerabilities in multiple products. Patches are released for macOS Big Sur 11.2.3, Safari 14.0.3, iOS 14.1.1 and iPadOS 14.4.1 . An attacker could exploit some of these vulnerabilities to take control of an affected system . All Apple Security Updates will be available here. Updates can be applied through Apple updates or Apple downloads. 03/04/2021: VMware has released a security update to address a vulnerability in ESXi, vCenter Server, and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system. The new version can be downloaded here. 03/02/2021: Google has released Chrome browser 89.0.4389.72 for Windows, Mac and Linux. These releases include stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 02/24/2021: VMware has released a security update to address a vulnerability in ESXi, vCenter Server, and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system. The new version can be downloaded here. 02/24/2021: Mozilla has announced a new release for Firefox ESR version 78.8. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 86. 02/22/2021: Google has released Chrome browser 88.0.4324.190 for Windows and 88.0.4324.192 for Mac and Linux. These releases include stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 02/17/2021: Google has released Chrome browser 88.0.4324.182 for Windows, Mac, and Linux. This release includes stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 02/09/2021: VMware has released a security update to address a vulnerability in vSphere Replication. An attacker could exploit this vulnerability to take control of an affected system. The vulnerability is documented in CVE-2021-21976. The new version can be downloaded here. 02/09/2021: Adobe releases security updates for multiple products including Photoshop, Illustrator, Animate and more. Security notices for all Adobe products are available here. 02/09/2021: Apple has released security updates to address vulnerabilities in macOS Big Sur 11.2, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system . All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 02/09/2021: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 02/09/2021: Google has released Chrome browser 88.0.4324.153 for Windows, Mac, and Linux. This release includes stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 02/09/2021: Mozilla has announced a new release for Firefox ESR version 78.7.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 85.0.1. 02/03/2021: Google has released Chrome browser 88.0.4324.146 for Windows, Mac, and Linux. This release includes stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 02/02/2021: Apple has released security updates to address vulnerabilities in macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could exploit some of these vulnerabilities to take control of an affected system . All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 01/27/2021: Mozilla has announced a new release for Firefox ESR version 78.7. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 85. 01/27/2021: Apple has released new security patches for iPadOS, iOS, tvOS and watchOS 14.4. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 01/21/2021: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u271 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 01/21/2021: Google has released Chrome browser 88.0.4324.104 for Windows, Mac, and Linux. This release includes stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 01/12/2021: Microsoft has released its security bulletin for January 2021. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 01/12/2021: Adobe releases security updates for multiple products including Photoshop, Illustrator, Animate, Campaign Classic, Bridge and more. Security notices for all Adobe products are available here. 01/11/2021: Microsoft has released a security update to address vulnerabilities in Microsoft Edge (Chromium-based). The new version is 87.0.664.75. Release notes are published here. The Security Advisory is available here. 01/07/2021: Google has released Chrome browser 87.0.4280.141 for Windows, Mac, and Linux. This release includes stability and performance improvements. The Google Chrome blog is available here. Chrome release information is available here. 01/07/2021: Mozilla has announced a new release for Firefox ESR version 78.6.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 84.0.2. 12/18/2020: Mozilla has announced a new release for Firefox ESR version 78.6. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 84. 12/15/2020: Apple has released new security patches for Mac OS, iOS, and Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 12/8/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 12/8/2020: Adobe has published security bulletins for Adobe Acrobat and Reader (APSB20-75). The new version is 2020.001.30010. Security notices for all Adobe products are available here. 12/4/2020: Google has released Chrome browser 87.0.4280.88 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 11/19/2020: Mozilla has announced a new release for Firefox ESR version 78.5. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 83. 11/19/2020: Google has released Chrome browser 87.0.4280.66 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 11/13/2020: Apple has released new security patches for Mac OS, iOS, and Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 11/12/2020: Google has released Chrome browser 86.0.4240.198 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 11/10/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 11/10/2020: Mozilla has announced a new release for Firefox ESR version 78.4.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 82.0.3. 11/9/2020: Apple has released new security patches for Mac OS, iOS, and Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 11/4/2020: Adobe has published security bulletins for Adobe Acrobat and Reader (APSB20-67). The new version is 2020.012.20048. Security notices for all Adobe products are available here. 11/3/2020: Google has released Chrome browser 86.0.4240.183 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/22/2020: Microsoft has released a security update to address vulnerabilities in Edge (Chromium-based). The new version is 86.0.622.51. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The release notes are published here. The Security Advisory is available here. 10/22/2020: Google has released Chrome browser 86.0.4240.111 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/22/2020: Mozilla has announced a new release for Firefox ESR version 78.4. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 82.0. 10/22/2020: Adobe has released security updates for multiple products: Photoshop, Illustrator, Creative Cloud and more. Security notices for all Adobe products are available here. 10/21/2020: Oracle has released its Critical Patch Update for October 2020. This includes updates for many Oracle products. A new release for Java 8u271 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/14/2020: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.445.This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 11 and Microsoft Edge. 10/13/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 10/07/2020: Google has released Chrome browser 86.0.4240.77 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 10/01/2020: Mozilla has announced a new release for Firefox ESR version 78.3.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 81.0.2 9/25/2020: Apple has released new security patches for different Mac OS versions. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 9/21/2020: Google has released Chrome browser 85.0.4183.121 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 9/22/2020: Mozilla has announced a new release for Firefox ESR version 78.3. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 81.0 9/17/2020: Apple has released new security patches for Mac OS, iOS, and Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 9/8/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 9/8/2020: Google has released Chrome browser 85.0.4183.102 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 9/8/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 8/27/2020: Mozilla has announced a new release for Firefox ESR version 78.2. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 80.0 8/27/2020: Google has released Chrome browser 85.0.4183.83 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 8/19/2020: Google has released Chrome browser 84.0.4147.135 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Google Chrome blog is available here. Chrome release information is available here. 8/11/2020: Adobe has published security bulletins for Adobe Acrobat and Reader(APSB20-48). The new version is 2020.012.20041. Security notices for all Adobe products are available here. 8/11/2020: Google has released a new stable release version of the Chrome browser 84.0.4147.125. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 7/29/2020: Mozilla has announced a new release for Firefox ESR version 78.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 79.0 7/28/2020: Google has released a new stable release version of the Chrome browser 84.0.4147.105. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 7/16/2020: Microsoft has released the latest Microsoft Edge Stable Channel (Version 84.0.522.40), which incorporates the latest Security Updates of the Chromium project. For more information, see the Security Update Guide. 7/15/2020: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 7/14/2020: Adobe has released new security updates for Reader/Acrobat. The new version is 20.009.20074. Security notices for all Adobe products are available here. 7/14/2020: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u261 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/14/2020: Google has released a new stable release version of the Chrome browser 84.0.4147.89. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 7/14/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 7/2/2020: Mozilla has announced a new release for Firefox ESR version 68.10. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 78.0 6/23/2020: Google has released a new stable release version of the Chrome browser 83.0.4103.116. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here.6/16/2020
6/9/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 6/9/2020: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.387.This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 11 and Microsoft Edge. 6/3/2020: Google has released a new stable release version of the Chrome browser 83.0.4103.97. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 6/2/2020: Mozilla has announced a new release for Firefox ESR version 68.9. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 77.0 6/1/2020: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 5/26/2020: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 5/20/2020: Google has released a new stable release version of the Chrome browser 83.0.4103.61. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 5/12/2020: Adobe has released new security updates for Reader/Acrobat. The new version is 2020.009.20063. Security notices for all Adobe products are available here. 5/12/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 5/5/2020: Google has released a new stable release version of the Chrome browser 81.0.4044.138. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 5/5/2020: Mozilla has announced a new release for Firefox ESR version 68.8. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 76.0 4/29/2020: Google has released a new stable release version of the Chrome browser 81.0.4044.129. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 4/22/2020: Google has released a new stable release version of the Chrome browser 81.0.4044.122. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 4/15/2020: Google has released a new stable release version of the Chrome browser 81.0.4044.113. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 4/15/2020: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u251 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/14/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 4/8/2020: Google has released a new stable release version of the Chrome browser 81.0.4044.92. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 4/7/2020: Mozilla has announced a new release for Firefox ESR version 68.7 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 75.0 4/3/2020: Mozilla has announced a new release for Firefox ESR version 68.6.1 More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 74.0.1 4/1/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.162. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 3/25/2020: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 3/19/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.149. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 3/19/2020: Adobe has released new security updates for Reader/Acrobat. The new version is 2020.006.20042. Security notices for all Adobe products are available here. 3/16/2020: Microsoft has announced new vulnerabilities in SMB and can be exploited by a wormable malware process. It is important to patch ALL Windows 7, 10 and Server software for this vulnerability. More info is available here: CVE-2020-0796. 3/11/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 3/10/2020: Mozilla has announced a new release for Firefox ESR version 68.6. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 74 3/3/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.132. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 2/24/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.122. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 2/18/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.116. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 2/18/2020: Mozilla has announced a new release for Firefox ESR version 68.5.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 73 2/11/2020: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.330. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 2/11/2020: Adobe has released new security updates for Reader/Acrobat. The new version is 2020.006.20034. Security notices for all Adobe products are available here. 2/11/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 2/11/2020: Mozilla has announced a new release for Firefox ESR version 68.5. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 73 2/11/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.100. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 2/5/2020: Google has released a new stable release version of the Chrome browser 80.0.3987.87. There are a number of security fixes in this release. The Google Chrome blog is available here. Chrome release information is available here. 1/28/2020: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 1/16/2020: Google has released a new stable release version of the Chrome browser 79.0.3945.130. There are a number of security fixes in this release. Chrome release information is available here. 1/15/2020: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u241 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 1/14/2020: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. This also includes a critical vulnerability that could be exploited for remote execution and should be patched quickly. Sans info is available here. The official Microsoft notification is available here. 1/8/2020: Google has released a new stable release version of the Chrome browser 79.0.3945.117. There are a number of security fixes in this release. Chrome release information is available here. 1/8/2020: Mozilla has announced a new release for Firefox ESR version 68.4.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 72.0.1 12/17/2019: Google has released a new stable release version of the Chrome browser 79.0.3945.88. There are a number of security fixes in this release. Chrome release information is available here. 12/11/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 12/11/2019: Google has released a new stable release version of the Chrome browser 79.0.3945.79. There are a number of security fixes in this release. Chrome release information is available here. 12/11/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 12/10/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.021.20056. Security notices for all Adobe products are available here. 12/3/2019: Mozilla has announced a new release for Firefox ESR version 68.3. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 71.0 11/19/2019: Google has released a new stable release version of the Chrome browser 78.0.3904.108. There are a number of security fixes in this release. Chrome release information is available here. 11/12/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 11/06/2019: Google has released a new stable release version of the Chrome browser 78.0.3904.97. There are a number of security fixes in this release. Chrome release information is available here. 10/31/2019: Google has released a new stable release version of the Chrome browser 78.0.3904.87. There are a number of security fixes in this release. Chrome release information is available here. 10/30/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 10/23/2019: Google has released a new stable release version of the Chrome browser 78.0.3904.70. There are a number of security fixes in this release. Chrome release information is available here. 10/22/2019: Mozilla has announced a new release for Firefox ESR version 68.2. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 70.0. 10/15/2019: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u231 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/15/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.021.20047. Security notices for all Adobe products are available here. 10/10/2019: Google has released a new stable release version of the Chrome browser 77.0.3865.120. There are a number of security fixes in this release. Chrome release information is available here. 10/8/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 10/7/2019: Apple has released new security patches for Mac OS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 9/24/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 9/23/2019: Microsoft has released an out of band security patch for Windows Defender and versions of IE. The official Microsoft notification is available here. 9/18/2019: Google has released a new stable release version of the Chrome browser 77.0.3865.90. There are a number of security fixes in this release. Chrome release information is available here. 9/10/2019: Google has released a new stable release version of the Chrome browser 77.0.3865.75. There are a number of security fixes in this release. Chrome release information is available here. 9/10/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 9/10/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.255. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 9/3/2019: Mozilla has announced a new release for Firefox ESR version 60.9. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 69.0 and a new version of Firefox ESR 68.1 which needs more testing for new features that have been introduced. 8/28/2019: We've posted new confirmed phishing emails for Pet/Baby/Dog Sitting/Walking job opportunity. Please be aware so you do not fall victim to one of these phishing emails. 8/26/2019: Google has released a new stable release version of the Chrome browser 76.0.3809.132. There are a number of security fixes in this release. Chrome release information is available here. 8/26/2019: Apple has released new security patches for Mac OS, iOS. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 8/15/2019: Microsoft has announced new vulnerabilities in Remote Desktop Services and can be exploited by a wormable malware process. It is important to patch ALL Windows 7, 10 and Server software for this vulnerability. More info is available here: CVE-2019-1181/1182. 8/13/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 8/13/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.012.20036. Security notices for all Adobe products are available here. 7/30/2019: Google has released a new stable release version of the Chrome browser 76.0.3809.87. There are a number of security fixes in this release. Chrome release information is available here. 7/22/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 7/17/2019: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u221 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/15/2019: Google has released a new stable release version of the Chrome browser 75.0.3770.142. There are a number of security fixes in this release. Chrome release information is available here. 7/9/2019: Mozilla has announced a new release for Firefox ESR version 60.8. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 68.0 and a new version of Firefox ESR 68.0 which needs more testing for new features that have been introduced. 7/9/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 6/24/2019: Mozilla has announced a new release for Firefox ESR version 60.7.2. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 67.0. 6/19/2019: Mozilla has announced a new release for Firefox ESR version 60.7.1. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 67.0. 6/14/2019: Google has released a new stable release version of the Chrome browser 75.0.3770.90. There are a number of security fixes in this release. Chrome release information is available here. 6/11/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 6/11/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.207. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 6/5/2019: Google has released a new stable release version of the Chrome browser 75.0.3770.80. There are a number of security fixes in this release. Chrome release information is available here. 5/21/2019: Google has released a new stable release version of the Chrome browser 74.0.3729.169. There are a number of security fixes in this release. Chrome release information is available here. 5/21/2019: Mozilla has announced a new release for Firefox ESR version 60.7. The security information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 67.0. 5/14/2019: Google has released a new stable release version of the Chrome browser 74.0.3729.157. There are a number of security fixes in this release. Chrome release information is available here. 5/14/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 5/14/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.192. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 5/14/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.012.20034. Security notices for all Adobe products are available here. 5/14/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 5/8/2019: Mozilla has announced a new release for Firefox ESR version 60.6.3. There is a problem with Add-ons being disabled or failing to install. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 66.0.5. 5/5/2019: Mozilla has announced a new release for Firefox ESR version 60.6.2. There is a problem with Add-ons being disabled or failing to install. More information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 66.0.4. 4/30/2019: Google has released a new stable release version of the Chrome browser 74.0.3729.131. There are a number of security fixes in this release. Chrome release information is available here. 4/23/2019: Google has released a new stable release version of the Chrome browser 74.0.3729.108. There are a number of security fixes in this release. Chrome release information is available here. 4/16/2019: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u211 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/9/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 4/9/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.171. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 4/9/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.010.20099. Security notices for all Adobe products are available here. 4/9/2019: Adobe has released new security updates for Shockwave Player. The new version is 12.3.5.205. Security notices for all Adobe products are available here. 4/4/2019: Google has released a new stable release version of the Chrome browser 73.0.3683.103. There are a number of security fixes in this release. Chrome release information is available here. 3/26/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 3/22/2019: Mozilla has announced a new release for Firefox ESR version 60.6.1. The security information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 66.0.1. 3/20/2019: Google has released a new stable release version of the Chrome browser 73.0.3683.86. There are a number of security fixes in this release. Chrome release information is available here. 3/19/2019: Mozilla has announced a new release for Firefox ESR version 60.6. The security information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 66.0. 3/13/2019: Google has released a new stable release version of the Chrome browser 73.0.3683.75. There are a number of security fixes in this release. Chrome release information is available here. 3/13/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 2/22/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.010.20098. Security notices for all Adobe products are available here. 2/13/2019: Google has released a new stable release version of the Chrome browser 72.0.3626.109. There are a number of security fixes in this release. Chrome release information is available here. 2/12/2019: Mozilla has announced a new release for Firefox ESR version 60.5.1. The security information is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 65.0.1. 2/12/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 2/12/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.142. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 2/12/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.010.20091. Security notices for all Adobe products are available here. 2/8/2019: Apple has released new security patches for Mac OS, iOS. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 2/6/2019: Google has released a new stable release version of the Chrome browser 72.0.3626.96. There are a number of security fixes in this release. Chrome release info is available here. 1/30/2019: Mozilla has announced a new release for Firefox ESR version 60.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 65.0. 1/30/2019: Google has released a new stable release version of the Chrome browser 72.0.3626.81. There are a number of security fixes in this release. Chrome release info is available here. 1/23/2019: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 1/15/2019: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u201 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 1/11/2019: We've posted new confirmed phishing emails for Doculink and a CSC Survey malicious links.Please be aware so you do not fall victim to one of these phishing emails. 1/10/2019: We've posted new confirmed phishing emails about fake OneDrive shared files and 'Are you there?' emails. Please be aware so you do not fall victim to one of these phishing emails. 1/8/2019: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 1/8/2019: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.114. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 1/3/2019: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.010.20069. Security notices for all Adobe products are available here. 12/19/2018: Microsoft has released new Out of Band security patch involving browsers. This vulnerability has an exploit currently being used on the Internet. Sans info is available here. The official Microsoft notification is available here. 12/12/2018: Google has released a new stable release version of the Chrome browser 71.0.3578.98. There are a number of security fixes in this release. Chrome release info is available here. 12/11/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 12/11/2018: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.010.20064. Security notices for all Adobe products are available here. 12/11/2018: Mozilla has announced a new release for Firefox ESR version 60.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 64.0. 12/6/2018: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 12/5/2018: Adobe has released new security updates for Flash Player. The new Flash version is 32.0.0.101. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/5/2018: Google has released a new stable release version of the Chrome browser 71.0.3578.80. There are a number of security fixes in this release. Chrome release info is available here. 11/20/2018: Adobe has released new security updates for Flash Player. The new Flash version is 31.0.0.153. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 11/20/2018: Google has released a new stable release version of the Chrome browser 70.0.3538.110. There are a number of security fixes in this release. Chrome release info is available here. 11/13/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 11/13/2018: Adobe has released new security updates for multiple products. Reader/Acrobat. The new version is 2019.008.20081. Flash Player. The new version is 31.0.0.148. Security notices for all Adobe products are available here. 11/9/2018: Google has released a new stable release version of the Chrome browser 70.0.3538.102. There are a number of security fixes in this release. Chrome release info is available here. 10/30/2018: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 10/30/2018: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u191 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/25/2018: We've posted a new confirmed phishing email about a fake email from President Ojakian. Please be aware so you do not fall victim to one of these phishing emails. 10/23/2018: Mozilla has announced a new release for Firefox ESR version 60.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 63.0. 10/16/2018: Google has released a new stable release version of the Chrome browser 70.0.3538.67. There are a number of security fixes in this release. Chrome release info is available here. 10/10/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 10/3/2018: Mozilla has announced a new security release for Firefox ESR version 60.2.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 62.0.3. 10/2/2018: Adobe has released new security updates for Reader/Acrobat. The new version is 2019.008.20071. Security notices for all Adobe products is available here. 9/24/2018: Apple has released new security patch for Mac OS Majave 10.14. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 9/19/2018: Adobe has released new security updates for Reader/Acrobat. The new version is 2018.011.20063. Security notices for all Adobe products is available here. 9/18/2018: We've posted a new confirmed phishing email about a fake shared OneDrive file . Please be aware so you do not fall victim to one of these phishing emails. 9/11/2018: Google has released a new stable release version of the Chrome browser 69.0.3497.92. There are a number of security fixes in this release. Chrome release info is available here. 9/11/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 9/11/2018: Adobe has released new security updates for Flash Player. The new Flash version is 31.0.0.108. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 9/5/2018: Mozilla has announced a new release for Firefox ESR version 60.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 62.0. 9/5/2018: Be aware of a phishing campaign targeting Federal Student Aid. More information is available here. 9/4/2018: Google has released a new stable release version of the Chrome browser 69.0.3497.81. There are a number of security fixes in this release. Chrome release info is available here. 8/22/2018: Adobe has released a new security update for Photoshop. This exploit is rated critical and can lead to remote code execution. There are new patches for Photoshop CC versions 19.1.5, 18.1.5 and earlier. More info is available here. Security notices for all Adobe products are available here. 8/22/2018: We've posted a new confirmed phishing email about a fake Outlook Web App upgrade. Please be aware so you do not fall victim to one of these phishing emails. 8/15/2018: Adobe has released new security updates for multiple products. Reader/Acrobat. The new version is 2018.011.20058. Flash Player. The new version is 30.0.0.154. Security notices for all Adobe products are available here. 8/15/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 8/8/2018: Google has released a new stable release version of the Chrome browser 68.0.3440.106. There are a number of security fixes in this release. Chrome release info is available here. 7/31/2018: Google has released a new stable release version of the Chrome browser 68.0.3440.84. There are a number of security fixes in this release. Chrome release info is available here. 7/25/2018: Google has released a new stable release version of the Chrome browser 68.0.3440.75. Note that this version changes the default action for http sites. There are a number of security fixes in this release. Chrome release info is available here. 7/17/2018: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u181 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/10/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 7/10/2018: Adobe has released new security updates for multiple products. Reader/Acrobat. The new version is 2018.011.20055. Flash Player. The new version is 30.0.0.134. Security notices for all Adobe products are available here. 7/10/2018: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 6/26/2018: Mozilla has announced a new release for Firefox ESR version 52.9, 60.1. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 61.0. 6/25/2018: Google has released a new stable release version of the Chrome browser 67.0.3396.99. There are a number of security fixes in this release. Chrome release info is available here. 6/12/2018: Google has released a new stable release version of the Chrome browser 67.0.3396.87. There are a number of security fixes in this release. Chrome release info is available here. 6/12/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 6/7/2018: Mozilla has announced a new release for Firefox ESR version 52.8.1, 60.0.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 60.0.2. 6/7/2018: Google has released a new stable release version of the Chrome browser 67.0.3396.78. There are a number of security fixes in this release. Chrome release info is available here. 6/7/2018: Adobe has released new security updates for Flash Player. The new Flash version is 30.0.0.113. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 6/1/2018: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 5/29/2018: Google has released a new stable release version of the Chrome browser 67.0.3396.62. There are a number of security fixes in this release. Chrome release info is available here. 5/17/2018: Google has released a new stable release version of the Chrome browser 66.0.3359.181. There are a number of security fixes in this release. Chrome release info is available here. 5/10/2018: Google has released a new stable release version of the Chrome browser 66.0.3359.170. There are a number of security fixes in this release. Chrome release info is available here. 5/9/2018: Mozilla has announced a new release for Firefox ESR version 52.8. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 60.0. 5/9/2018: Adobe has released new security updates for Flash Player. The new Flash version is 29.0.0.171. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 5/9/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 4/24/2018: Apple has released new security patches for Mac OS, iOS, Safari. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 4/17/2018: Google has released a new stable release version of the Chrome browser 66.0.3359.117. There are a number of security fixes in this release. Chrome release info is available here. 4/17/2018: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u171 should be upgraded on all client workstations. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/10/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 4/10/2018: Adobe has released new security updates for Flash Player. The new Flash version is 29.0.0.140. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/29/2018: Apple has released a new security patches for Mac OS, iOS. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 3/26/2018: Mozilla has announced a new release for Firefox ESR version 52.7.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 59.0.2. 3/14/2018: Mozilla has announced a new release for Firefox ESR version 52.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 59.0. 3/14/2018: Adobe has released new security updates for Flash Player. The new Flash version is 29.0.0.113. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/14/2018: Google has released a new stable release version of the Chrome browser 65.0.3325.162. There are a number of security fixes in this release. Chrome release info is available here. 3/14/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 3/7/2018: Google has released a new stable release version of the Chrome browser 65.0.3325.146. There are a number of security fixes in this release. Chrome release info is available here. 02/22/2018: Google has released a new stable release version of the Chrome browser 64.0.3282.186. There are a number of security fixes in this release. Chrome release info is available here. 02/19/2018: Apple has released a new security patches for Mac OS, iOS. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 02/13/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 02/13/2018: Adobe has released new security updates for Reader/Acrobat. The new version is 2018.011.20035. Security notices for all Adobe products is available here. 02/6/2018: Adobe has released new security updates for Flash Player. The new Flash version is 28.0.0.161. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 01/23/2018: Apple has released a new security patches for Safari, iTunes, All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 01/23/2018: Mozilla has announced a new release for Firefox ESR version 52.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. 01/19/2018: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 01/09/2018: Adobe has released new security updates for Flash Player. The new Flash version is 28.0.0.137. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/14/2017: Google has released a new stable release version of the Chrome browser 63.0.3239.108. There are a number of security fixes in this release. Chrome release info is available here. 12/12/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 12/12/2017: Adobe has released new security updates for Flash Player. The new Flash version is 28.0.0.126. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/6/2017: Google has released a new stable release version of the Chrome browser 63.0.3239.84. There are a number of security fixes in this release. Chrome release info is available here. 12/6/2017: Apple has released a new security patch for OSX ( High Sierra (10.13.2) This patch includes fixes for many parts of the OS. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 11/29/2017: Apple has released a new security patch for OSX ( High Sierra (10.13) This patch prevents root access without a password. All Apple Security Updates will be available here. This update can be applied through Apple updates or Apple downloads. 11/14/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. The official Microsoft notification is available here. 11/14/2017: Mozilla has announced a new release for Firefox ESR version 52.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 57.0. 11/14/2017: Google has released a new stable release version of the Chrome browser 62.0.3202.94. There are a number of security fixes in this release. Chrome release info is available here. 11/14/2017: Adobe has released new security updates for multiple products. Reader/Acrobat. The new version is 2017.011.30068. Flash Player. The new version is 27.0.0.187. Shockwave Player. The new version is 12.3.1.201. Security notices for all Adobe products is available here. 11/7/2017: Google has released a new stable release version of the Chrome browser 62.0.3202.89. There are a number of security fixes in this release. Chrome release info is available here. 10/31/2017: Apple has released many security patches for multiple products. OSX ( El Capitan(10.11), Sierra(10.12)and High Sierra (10.13), iOS (11.1), Safari (version 11.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 10/27/2017: Google has released a new stable release version of the Chrome browser 62.0.3202.75. There are a number of security fixes in this release. Chrome release info is available here. 10/18/2017: Google has released a new stable release version of the Chrome browser 62.0.3202.62. There are a number of security fixes in this release. Chrome release info is available here. 10/17/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u151 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/16/2017: Microsoft has released new security patch for a wireless WPA-2 vulnerability. This vulnerability can allow an attacker to view encrypted information over a wireless connection. Sans info is available here. The official Microsoft notification is available here. 10/16/2017: Adobe has released new security updates for Flash Player. This supplies a fix for a vulnerability that is active in the wild and should be patched ASAP. The new Flash version is 27.0.0.170. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/10/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 9/28/2017: Mozilla has announced a new release for Firefox ESR version 52.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 56.0. 9/21/2017: Google has released a new stable release version of the Chrome browser 61.0.3163.100. There are a number of security fixes in this release. Chrome release info is available here. 9/19/2017: Apple has released many security patches for multiple products. iOS (11.0), Safari (version 11). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 9/13/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 9/13/2017: Adobe has released new security updates for Flash Player. The new Flash version is 27.0.0.130. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 9/5/2017: Google has released a new stable release version of the Chrome browser 61.0.3163.79. There are a number of security fixes in this release. Chrome release info is available here. 8/24/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.113. There are a number of security fixes in this release. Chrome release info is available here. 8/14/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.101. There are a number of security fixes in this release. Chrome release info is available here. 8/8/2017: Mozilla has announced a new release for Firefox ESR version 52.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 55.0. 8/8/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 2017.011.30059. Security notices for all Adobe products is available here. 8/8/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.151. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 8/8/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 8/4/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.90. There are a number of security fixes in this release. Chrome release info is available here. 7/25/2017: Google has released a new stable release version of the Chrome browser 60.0.3112.78. There are a number of security fixes in this release. Chrome release info is available here. 7/19/2017: Apple has released many security patches for multiple products. OSX ( Yosemite(10.10.6), El Capitan(10.11.7) and Sierra(10.12.6)), iOS (10.3.3), Safari (version 10.1.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 7/18/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u144 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/11/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 7/11/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.137. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 6/15/2017: Google has released a new stable release version of the Chrome browser 59.0.3071.104. There are a number of security fixes in this release. Chrome release info is available here. 6/14/2017: Mozilla has announced a new release for Firefox ESR version 52.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 54.0. 6/13/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 6/13/2017: Adobe has released new security updates for Flash Player. The new Flash version is 26.0.0.126. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 6/13/2017: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.2.9.199. 6/6/2017: Google has released a new stable release version of the Chrome browser 59.0.3071.86. There are a number of security fixes in this release. Chrome release info is available here. 5/16/2017: Apple has released many security patches for multiple products. OSX ( 10.10.6, 10.11.7 and 10.12.5), iOS (10.3.2), Safari (version 10.1.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 5/10/2017: Google has released a new stable release version of the Chrome browser 58.0.3029.110. There are a number of security fixes in this release. Chrome release info is available here. 5/9/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 5/9/2017: Adobe has released new security updates for Flash Player. The new Flash version is 25.0.0.171. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 4/24/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u131 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/20/2017: Google has released a new stable release version of the Chrome browser 58.0.3029.81. There are a number of security fixes in this release. Chrome release info is available here. 4/20/2017: Mozilla has announced a new release for Firefox ESR version 45.9. There is an update of the next version 52.1. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 53.0. 4/12/2017: Microsoft has released this month's security bulletin. There are many updates that affect server and client components. Sans info is available here. The official Microsoft notification is available here. 4/11/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 15.023.20053. Security notices for all Adobe products is available here. 4/11/2017: Adobe has released new security updates for Flash Player. The new Flash version is 2015.006.30306. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/30/2017: Google has released a new stable release version of the Chrome browser 57.0.2987.133. There are a number of security fixes in this release. Chrome release info is available here. 3/28/2017: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.3), Safari (version 10.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 3/15/2017: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.8.198. 3/15/2017: Adobe has released new security updates for Flash Player. The new Flash version is 25.0.0.127. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/15/2017: Microsoft has released this month's security bulletin. There are eighteen updates that affect server and client components. Seven of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 3/9/2017: Google has released a new stable release version of the Chrome browser 57.0.2987.98. There are a number of security fixes in this release. Chrome release info is available here. 3/7/2017: Mozilla has announced a new release for Firefox ESR version 45.8. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 52.0. 2/21/2017: Microsoft has released the patch update for Adobe Flash Player. This patch is included in the IE 10/11 and Edge browsers. This is considered critical patch for remote code execution. The official Microsoft notification is available here. 2/14/2017: Microsoft has delayed this months security patch release. The official Microsoft notification is available here. 2/14/2017: Adobe has released new security updates for Flash Player. The new Flash version is 24.0.0.221. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 1/26/2017: Mozilla has announced a new release for Firefox ESR version 45.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 53.0. 1/26/2017: Google has released a new stable release version of the Chrome browser 56.0.2924.76 There are a number of security fixes in this release. Chrome release info is available here. 1/23/2017: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.2.1), Safari (version 10.0.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 1/18/2017: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u121 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 1/10/2017: Adobe has released new security updates for Reader/Acrobat. The new version is 15.023.20053. Security notices for all Adobe products is available here. 1/10/2017: Adobe has released new security updates for Flash Player. The new Flash version is 24.0.0.194. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 1/10/2017: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. Two of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 12/14/2016: Mozilla has announced a new release for Firefox ESR version 45.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 51.0. 12/13/2016: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Six of these are rated as critical. Three of these have active exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here. 12/13/2016: Adobe has released new security update for Flash Player. The new Flash version is 24.0.0.186. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/13/2016: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.2), Safari (version 10.0.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 12/2/2016: Google has released a new stable release version of the Chrome browser 55.0.2883.75 There are a number of security fixes in this release. Chrome release info is available here. 11/30/2016: Mozilla has announced a new release for Firefox ESR version 45.5.1. This is a special release to fix a vulnerability that can allow a remote attacker to take control of a system. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 50.0.2. 11/16/2016: Mozilla has announced a new release for Firefox ESR version 45.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 50.0. 11/10/2016: Google has released a new stable release version of the Chrome browser 54.0.2840.100 There are a number of security fixes in this release. Chrome release info is available here. 11/8/2016: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 11/8/2016: Adobe has released new security update for Flash Player. The new Flash version is 23.0.0.207. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/26/2016: Adobe has released new critical security update for Flash Player. The new Flash version is 23.0.0.205. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/25/2016: Apple has released many security patches for multiple products. OSX ( 10.10, 10.11 and 10.12), iOS (10.1), Safari (version 10.0.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 10/18/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u111 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.020.20039. Security notices for all Adobe products is available here. 10/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 23.0.0.185. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/12/2016: Microsoft has released this month's security bulletin. There are ten updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 10/6/2016: Google has released a new stable release version of the Chrome browser 55.0.2882.4. There are a number of security fixes in this release. Chrome release info is available here. 9/29/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.143. There are a number of security fixes in this release. Chrome release info is available here. 9/20/2016: Apple has released many security patches for supporting the new OS Sierra. OSX ( 10.12), iOS (10.0.2), Safari (version 10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 9/13/2016: Adobe has released new security updates for Flash Player. The new Flash version is 23.0.0.162. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 9/13/2016: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Seven of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 9/1/2016: Apple has released many security patches for multiple products. OSX ( 10.10 and 10.11), iOS (9.3.5), Safari (version 9.1.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 8/31/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.89. There are a number of security fixes in this release. Chrome release info is available here. 8/9/2016: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 8/4/2016: Mozilla has announced a new release for Firefox ESR version 45.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 48.0. 7/22/2016: Google has released a new stable release version of the Chrome browser 53.0.2785.23. There are a number of security fixes in this release. Chrome release info is available here. 7/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u101 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/19/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3.3), Safari (version 9.1.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 7/12/2016: Oracle is scheduled to release a new quarterly Critical Patch Update on July 19, 2016. 7/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.017.20050. Security notices for all Adobe products is available here. 7/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 22.0.0.209. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 7/12/2016: Microsoft has released this month's security bulletin. There are eleven updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 6/17/2016: Adobe has released new security updates for Flash Player. The new Flash version is 22.0.0.192. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 6/14/2016: Microsoft has released this month's security bulletin. There are sixteen updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 6/7/2016: Mozilla has announced a new release for Firefox ESR version 45.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. This is part of a major release of the ESR version (45.x) and may need extra testing. There is also a new personal version of Firefox 47.0. 6/3/2016: Google has released a new stable release version of the Chrome browser 51.0.2704.79. There are a number of security fixes in this release. Chrome release info is available here. 5/16/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3.2), Safari (version 9.1.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 5/12/2016: Adobe has released new security updates for Flash Player. The new Flash version is 21.0.0.242. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 5/12/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.102. There are a number of security fixes in this release. Chrome release info is available here. 5/10/2016: Microsoft has released this month's security bulletin. There are sixteen updates that affect server and client components. Eight of these are rated as critical. One of these has known exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here. 5/10/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.016.20039. Security notices for all Adobe products is available here. There will also be a new release for the Flash Player released this week. 4/28/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.94. There are a number of security fixes in this release. Chrome release info is available here. 4/26/2016: Mozilla has announced a new release for Firefox ESR version 38.8. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. The next major release of the ESR version (45.1) is also available for testing. There is also a new personal version of Firefox 46.0. 4/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u91/92 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/15/2016: Apple has announced that they are no longer providing Quicktime security updates for the windows platform. There are also new vulnerabilities announced that can be used to exploit the system. Quicktime should be removed from all systems to avoid any exploitation. US-Cert. TrendMicro. 4/14/2016: Google has released a new stable release version of the Chrome browser 50.0.2661.75. There are a number of security fixes in this release. Chrome release info is available here. 4/12/2016: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Six of these are rated as critical. One of these has known exploits and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here. 4/8/2016: Adobe has released new out of band security update for Flash Player for exploits that are currently active. The new Flash version is 21.0.0.213. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/28/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.110. There are a number of security fixes in this release. Chrome release info is available here. 3/22/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.3), Safari (version 9.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 3/11/2016: Adobe has released new security updates for Flash Player. The new Flash version is 21.0.0.182. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/9/2016: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 3/9/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.87. There are a number of security fixes in this release. Chrome release info is available here. 3/9/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.010.20060. Security notices for all Adobe products is available here. 3/9/2016: Mozilla has announced a new release for Firefox ESR version 38.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 45.0. 3/2/2016: Google has released a new stable release version of the Chrome browser 49.0.2623.75. There are a number of security fixes in this release. Chrome release info is available here. 2/10/2016: Oracle has announced a new security alert for Java. All machines should be updated to this new 8u74 version. 2/9/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.109. There are a number of security fixes including a new flash version in this release. Chrome release info is available here. 2/9/2016: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.306. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 2/9/2016: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Six of these are rated as critical. Sans info is available here. The official Microsoft notification is available here. 2/3/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.103. There are a number of security fixes including a new flash version in this release. Chrome release info is available here. 1/27/2016: Mozilla has announced a new release for Firefox ESR version 38.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 44.0. 1/20/2016: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u71 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 1/20/2016: Google has released a new stable release version of the Chrome browser 48.0.2564.82. There are a number of security fixes including a new flash version in this release. Chrome release info is available here. 1/19/2016: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.2.1), Safari (version 9.0.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 1/14/2016: Google has released a new stable release version of the Chrome browser 47.0.2526.111. There are a number of security fixes including a new flash version in this release. Chrome release info is available here. 1/12/2016: Microsoft has released this month's security bulletin. There are ten updates that affect server and client components. Seven of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 1/12/2016: Adobe has released new security updates for Reader/Acrobat. The new version is 15.010.20056. Security notices for all Adobe products is available here. 12/28/2015: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.267. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/8/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Eight of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 12/8/2015: Adobe has released new security updates for Flash Player. The new Flash version is 20.0.0.228. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 12/8/2015: Google has released a new stable release version of the Chrome browser 47.0.2526.80. There are a number of security fixes including a new flash version in this release. Chrome release info is available here. 12/8/2015: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.2), Safari (version 9.0.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 12/1/2015: Google has released a new stable release version of the Chrome browser 47.0.2526.73. There are a number of security fixes in this release. Chrome release info is available here. 11/10/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.86. There are a number of security fixes in this release. Chrome release info is available here. 11/10/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 11/10/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.245. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/27/2015: Adobe has released new security updates for Shockwave Player. The new version is 12.2.1.171. Security notices for all Adobe products is available here. 10/22/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.80. There are a number of security fixes in this release. Chrome release info is available here. 10/21/2015: Apple has released many security patches for multiple products. OSX ( 10.9, 10.10 and 10.11), iOS (9.1), Safari (version 9.0.1). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 10/20/2015: Oracle has announced a new quarterly Critical Patch Update. This includes updates for many Oracle products. A new release for Java 8u65 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Databases, Sun Solaris, PeopleSoft, Middleware products and MySql. 10/16/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.226. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 10/13/2015: Google has released a new stable release version of the Chrome browser 46.0.2490.71. There are a number of security fixes in this release. Chrome release info is available here. 10/13/2015: Microsoft has released this month's security bulletin. There are six updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 10/13/2015: Adobe has released new security updates for Flash Player, and Reader/Acrobat. The new Flash version is 19.0.0.207. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.13. The link to the Adobe security blogs bulletin is available here. 9/22/2015: Mozilla has announced a new release for Firefox ESR version 38.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 41.0. 9/21/2015: Google has released a new stable release version of the Chrome browser 45.0.2454.99. There are a number of security fixes in this release. Chrome release info is available here. 9/21/2015: Adobe has released new security updates for Flash Player. The new Flash version is 19.0.0.185. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 9/8/2015: Adobe has released new security updates for Shockwave Player. The new Shockwave Player version is 12.2.0.162. 9/8/2015: Microsoft has released this month's security bulletin. There are twelve updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 9/1/2015: Google has released a new stable release version of the Chrome browser 45.0.2454.85. There are a number of security fixes in this release. Chrome release info is available here. 8/19/2015: Microsoft has released an out of band patch for Internet Explorer. This fixes a vulnerability that can allow an attacker to take over a machine by visiting a specially crafted web page. All versions of Internet Explorer 7 - 11 are vulnerable and should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here. 8/13/2015: Apple has released many security patches for multiple products. OSX (10.8, 10.9 and 10.10), iOS (8.4.1), Safari (version 8.0.8, 7.1.8 and 6.2.8) and OS X Server (version 4.1.5). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 8/12/2015: Java version 8u51 has been tested and approved for use with Banner & Blackboard. This can now be deployed to all machines. More info is available on the Client Software page. 8/11/2015: Mozilla has announced a new release for Firefox ESR version 38.2. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 40.0. 8/11/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.155. There are a number of security fixes in this release. Chrome release info is available here. 8/11/2015: Adobe has released new security updates for Flash Player. The new Flash version is 18.0.0.232. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 8/11/2015: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 8/10/2015: Mozilla has announced a new release for Firefox ESR version 38.1.1. This release includes a critical update that is actively being exploited. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 39.0.3. 7/24/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.107. There are a number of security fixes in this release. Chrome release info is available here. 7/21/2015: Google has released a new stable release version of the Chrome browser 44.0.2403.89. There are a number of security fixes in this release. Chrome release info is available here. 7/20/2015: Microsoft has released an out of band security bulletin for MS15-078. This is for a critical vulnerability in the Font Driver that can allow remote code execution. Sans info is available here. The official Microsoft notification is available here. 7/14/2015: Microsoft has released this month's security bulletin. There are fourteen updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. Note that with this release Windows 2003 servers are at end of support and will no longer receive updates. These servers should be upgraded or replaced. 7/14/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 8u51 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql. 7/14/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.134. There are a number of security fixes in this release. Chrome release info is available here. 7/14/2015: Adobe has released new security updates for Flash Player, Shockwave Player and Reader/Acrobat. The new Flash version is 18.0.0.209. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.12.The new Shockwave Player version is 121.9.159. The link to the Adobe security blogs bulletin is available here. 7/8/2015: Adobe has released new Out Of Band security update for Flash Player. There are exploits in the wild that use this vulnerability. The new Flash version is 18.0.0.203. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 6/30/2015: Apple has released many security patches for multiple products. OSX (10.8, 10.9 and 10.10),iOS (8.4), Safari (version 8.0.7, 7.1.7 and 6.2.7), iTunes (version 12.2) and QuickTime (version 7.7.7). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 6/23/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.130. There are a number of security fixes in this release. Chrome release info is available here. 6/23/2015: Adobe has released new Out Of Band security update for Flash Player. There are exploits in the wild that use this vulnerability. The new Flash version is 18.0.0.194. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 6/9/2015: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 6/9/2015: Adobe has released new security updates for Flash Player. The new Flash version is 18.0.0.160. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 6/9/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.124. There are a number of security fixes in this release. Chrome release info is available here. 5/20/2015: Google has released a new stable release version of the Chrome browser 43.0.2357.65. There are a number of security fixes in this release. Chrome release info is available here. 5/18/2015: Java version 8u45 has been tested and approved for use with Banner & Blackboard. This can now be deployed to all machines. More info is available on the Client Software page. 5/12/2015: Mozilla has announced a new release for Firefox ESR version 31.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 38.0. 5/12/2015: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 5/12/2015: Adobe has released new security updates for Flash Player and Reader/Acrobat. The new Flash version is 17.0.0.188. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.11. The link to the Adobe security blogs bulletin is available here. 5/7/2015: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.6, 7.1.6 and 8.0.6 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 4/28/2015: Google has released a new stable release version of the Chrome browser 42.0.2311.135. There are a number of security fixes in this release. Chrome release info is available here. 4/14/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 8u45 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql. 4/14/2015: Google has released a new stable release version of the Chrome browser 42.0.2311.90. There are a number of security fixes in this release. Chrome release info is available here. 4/14/2015: Adobe has released new security updates for Flash Player. The new Flash version is 17.0.0.169. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 4/14/2015: Microsoft has released this month's security bulletin. There are eleven updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 4/8/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10),iOS (8.3) and a new release for Safari (version 8.0.5, 7.1.5 and 6.2.5). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 4/1/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.118. There are a number of security fixes in this release. Chrome release info is available here. 4/1/2015: Mozilla has announced a new release for Firefox ESR version 31.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 37.0. 3/20/2015: Mozilla has announced a new release for Firefox ESR version 31.5.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 36.0.4. 3/20/2015: Apple has released a security patch for OSX (10.10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 3/19/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.101. There are a number of security fixes in this release. Chrome release info is available here. 3/18/2015: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.4, 7.1.4 and 8.0.4 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 3/12/2015: Adobe has released new security updates for Flash Player. The new Flash version is 17.0.0.134. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 3/10/2015: Microsoft has released this month's security bulletin. There are thirteen updates that affect server and client components. Five of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 3/10/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10) and iOS (8.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 3/3/2015: Google has released a new stable release version of the Chrome browser 41.0.2272.76 . There are a number of security fixes in this release. Chrome release info is available here. 2/25/2015: Mozilla has announced a new release for Firefox ESR version 31.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 36. These versions are compatible with the latest testing version of SiteAdvisor 3.5p3. 2/20/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.115. There are a number of security fixes in this release. Chrome release info is available here. 2/10/2015: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 2/5/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.111. There are a number of security fixes and a new flash version in this release. Chrome release info is available here. 2/4/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.305. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. Downloads are available here. 1/28/2015: Apple has released security patches for OSX (10.8, 10.9 and 10.10),iOS (8.1.3) and a new release for Safari (version 8.0.3, 7.1.3 and 6.2.3). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 1/26/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.296. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. Downloads are available here. 1/23/2015: Adobe has released an Out-Of-Band security update for Flash Player that is actively being exploited. The new Flash version is 16.0.0.287. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 1/22/2015: Oracle has announced the new quarterly Critical Patch Update. This includes for many Oracle products. A new release for Java 7u76 and 8u31 will be tested for Banner & Blackboard compatibility. There are also updates for many products such as Database Servers, Sun Solaris, PeopleSoft, Middleware products and MySql. 1/21/2015: Google has released a new stable release version of the Chrome browser 40.0.2214.91. There are a number of security fixes and a new flash version in this release. Chrome release info is available here. 1/14/2015: Mozilla has announced a new release for Firefox ESR version 31.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 35. These versions are not compatible with SiteAdvisor and we are awaiting a new release to fix that situation. 1/14/2015: Google has released a new stable release version of the Chrome browser 39.0.2171.99. There are a number of security fixes and a new flash version in this release. Chrome release info is available here. 1/13/2015: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here. 1/13/2015: Adobe has released new security updates for Flash Player. The new Flash version is 16.0.0.257. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the Adobe security blogs bulletin is available here. 1/13/2015: Oracle is scheduled to release a new version of Java in their quarterly Critical Patch Update on January 20, 2015. For any machines running Java version 7 that are configured for auto-update will be upgraded to Java 8 automatically. Java 8 has not completed testing with internal programs like Banner and Blackboard. Auto-update should be disabled to avoid any problems. More info is available here. 12/23/2014: A new vulnerability in the NTP process has been discovered that is affecting multiple operating systems. This vulnerability can be used for remote code execution. NTP versions prior to 4.2.8 are vulnerable. SANS has more info 19093 and 19095. Apple has info listed here for 10.8.5, 10.9.5 and 10.10.1. Cisco is listing info here for many products. Other operating systems could also be affected and will require updating. 12/9/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 12/9/2014: Google has released a new stable release version of the Chrome browser 39.0.2171.95 . There are a number of security fixes in this release. Chrome release info is available here. 12/9/2014: Adobe has released new security updates for Flash Player and Acrobat/Reader. The new Flash version is 16.0.0.235. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.10 or 10.1.13. The link to the security blogs bulletin is available here. 12/4/2014: Microsoft has announced this month's advanced security notice bulletin. The release on December 9th will include seven updates that affect server, client and office components. Three of these are rated critical. The official Microsoft notification is available here. 12/3/2014: Apple has released security patches for the Safari browser. New versions of Safari are 6.2.1, 7.1.1 and 8.0.1 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 12/2/2014: Mozilla has announced a new release for Firefox ESR version 31.3. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 34. These versions are not compatible with SiteAdvisor and we are awaiting a new release to fix that situation. 11/25/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.239. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 11/18/2014: Google has released a new stable release version of the Chrome browser 39.0.2171.65 . There are a number of security fixes in this release. Chrome release info is available here. 11/18/2014: Microsoft has announced a new advanced security bulletin for an out-of-band patch that will be released today. The official Microsoft notification is available here. This is listed as a critical patch for server operating systems. 11/18/2014: Apple has released security patches for OSX 10.10.1, Apple TV and iOS version 8.1. Sans has more info here. Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 11/14/2014: The Java version 7u72 has completed testing with Banner & Blackboard. This is now the recommended version that should be deployed to all machines. Downloads are available on the support center web site here: Software Versions. 11/12/2014: Google has released a new stable release version of the Chrome browser 38.0.2125.122. There are a number of security fixes in this release. Chrome release info is available here. 11/11/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.223. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 11/11/2014: Microsoft has released this month's security bulletin. There are 14 updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 11/6/2014: Microsoft has announced this month's advanced notice security bulletin. There are 16 updates that affect server, client and office components. Five of these are rated critical. The official Microsoft notification is available here. 10/17/2014: Apple has released security patches for OSX (10.8.6 and 10.9.6),iTunes 12.0.1 (12.0.1) and a new release for OS X Yosemite (version 10.10). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 10/14/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.189. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 10/14/2014: Mozilla has announced a new release for Firefox ESR version 31.2. FireFox ESR 31 may not be compatible with all plug-ins & web sites and should be tested before deploying. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 33.0. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/33.0/releasenotes/. 10/14/2014: Oracle has announced the pre-release announcement for the quarterly security patch. This is scheduled to be released on 10/14/2014. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q4. 10/14/2014: Microsoft has released this month's security bulletin. There are eight updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 10/10/2014: Microsoft has announced this month's advanced notice security bulletin. There are nine updates that affect server, client and office components. Three of these are rated critical. The official Microsoft notification is available here. 10/8/2014: Google has released a new stable release version of Chrome 38.0.2125.101 . There are many(159) security fixes in this release. Chrome release info is available here. 9/24/2014: Google has released a new stable release version of Chrome 37.0.2062.124. There is a new security fix for RSA signature malleability in this release. Chrome release info is available here. 9/24/2014: Mozilla has announced a new release for Firefox ESR version 24.8.1 and 31.1.1 The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 32.0.3. 9/17/2014: Apple has released security patches for OSX (10.9.5),Safari Browser (6.2 and 7.1) and iOS (version 8). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 9/16/2014: Adobe has released new security updates for Reader/Acrobat. The new Reader/Acrobat version is 11.0.09. The link to the security blogs bulletin is available here. 9/9/2014: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here. 9/9/2014: Google has released a new stable release version of Chrome 37.0.2062.120. There are a number of security fixes in this release. Chrome release info is available here. 9/9/2014: Adobe has released new security updates for Flash Player. The new Flash version is 15.0.0.152. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 9/4/2014: Microsoft has announced this month's advanced notice security bulletin. There are four updates that affect server, client and office components. One of these is rated critical. The official Microsoft notification is available here. 9/2/2014: Mozilla has announced a new release for Firefox ESR version 24.8 and 31.1 The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 32.0.3. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/32.0/releasenotes/. This will require more extensive testing as it rolls all the new features introduced since version 24. 8/28/2014: Google has released a new stable release version of Chrome 37.0.2062.102. There are a number of security fixes in this release. Chrome release info is available here. 8/14/2014: Apple has released security patches for the Safari browser. New versions of Safari are 6.1.6 and 7.0.6 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 8/12/2014: Google has released a new stable release version of Chrome 36.0.1958.143. There are a number of security fixes in this release. Chrome release info is available here. 8/12/2014: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 8/12/2014: Adobe has released new security updates for Flash Player and Reader/Acrobat. The new Flash version is 14.0.0.145. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The new Reader/Acrobat version is 11.0.08. The link to the security blogs bulletin is available here. 8/8/2014: Microsoft has announced this month's advanced notice security bulletin. There are nine updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here. 7/30/2014: Google has released a new stable release version of Chrome 36.0.1958.138. There are a number of security fixes in this release. Chrome release info is available here. 7/22/2014: Mozilla has announced a new release for Firefox ESR version 24.7. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 31. The next version of FireFox ESR 31 has been released:https://www.mozilla.org/en-US/firefox/31.0/releasenotes/. This will require more extensive testing as it rolls all the new features introduced since version 24. 7/14/2014: Oracle has announced the pre-release announcement for the quarterly security patch. This is scheduled to be released on 7/14/2014. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q3. 7/8/2014: Microsoft has released this month's security bulletin. There are six updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 7/8/2014: Adobe has released a new security updates for Flash Player. The new Flash version is 14.0.0.176. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 7/7/2014: Microsoft has announced this month's advanced notice security bulletin. There are six updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here. 7/1/2014: Apple has released security patches for the Safari browser and OSX operating systems. New versions of Safari 6.1.5 and 7.0.5 include many security fixes. OSX can be upgraded to version 10.9.4. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 6/10/2014: Google has released a new stable release version of Chrome 35.0.1916.155. There are a number of security fixes in this release. This includes the new flash update(14.0.0.125). Chrome release info is available here. 6/10/2014: Adobe has released a new security updates for Flash Player. The new Flash version is 14.0.0.125. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. The link to the security blogs bulletin is available here. 6/10/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 6/10/2014: Mozilla has announced a new release for Firefox ESR version 24.6. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 30. 6/5/2014: Microsoft has announced this month's advanced notice security bulletin. There are seven updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here. 5/21/2014: Apple has released security patches for the Safari browser. New versions of Safari 6.1.4 and 7.0.4 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 5/16/2014: Google has released a new stable release version of Chrome 34.0.1847.137. There are a number of security fixes in this release. Chrome release info is available here. 5/16/2014: Apple has released security patches for OSX (10.9.3) and iTunes (11.2). Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 5/13/2014: Adobe has released a new security updates for Flash Player and Reader/Acrobat. The new Flash version is 13.0.0.214. The new Reader/Acrobat version is 11.0.07. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. Link to the security blogs bulletin is available here. 5/13/2014: Microsoft has released this month's security bulletin. There are nine updates that affect server and client components. Three of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 5/9/2014: Microsoft has announced this month's advanced notice security bulletin. There are eight updates that affect server, client and office components. Two of these are rated critical. The official Microsoft notification is available here. 5/1/2014: Microsoft has released an out of band special patch for Internet Explorer. This is patching a vulnerability in all versions of IE that is currently being exploited. All systems should be patched as soon as possible. Sans info is available here. The official Microsoft notification is available here. 4/29/2014: Mozilla has announced a new release for Firefox ESR version 24.5. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 29. 4/29/2014: Google has released a new stable release version of Chrome 34.0.1847.131. There are a number of security fixes in this release. Chrome release info is available here. 4/29/2014: Adobe has released a new security update for Flash Player. The new version is 13.0.0.206. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 4/23/2014: Apple has released security patches for OSX (10.7.5, 10.8.5, 10.9.2), Apple TV and iOS for mobile devices. Apple Security Updates will be available here. These updates can be applied through Apple updates or Apple downloads. 4/8/2014: Google has released a new stable release version of Chrome 34.0.1847.116. There are a number of security fixes in this release. Chrome release info is available here. 4/8/2014: Adobe has released a new security update for Flash Player. The new version is 13.0.0.182. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 4/8/2014: An announcement has been made for the OpenSSL version that is present in many Unix/Linux based operating systems. This includes RedHat, Ubuntu, Mac OS X and others. Patches are available for many of these Operating Systems. More info is available in these links: 17917 17921 US-CERT. 4/8/2014: Microsoft has released this month's security bulletin. There are four updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 4/2/2014: Apple has released security patches for the Safari browser. New versions of Safari 6.1.3 and 7.0.3 include many security fixes. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 3/18/2014: Mozilla has announced a new release for Firefox ESR version 24.4. The security info is available here: ESR Security Advisories. Downloads are available here: Firefox ESR. There is also a new personal version of Firefox 28. 3/13/2014: Adobe has released a security update for the Shockwave Player. Shockwave player has a new version of 12.0.9.150. Link to the security blogs bulletin is available here. 3/11/2014: Google has released a new stable release version of Chrome 33.0.1750.149. There are a number of security fixes in this release. Chrome release info is available here. 3/11/2014: Microsoft has released this month's security bulletin. There are five updates that affect server and client components. Two of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 3/11/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.77. Link to the security blogs bulletin is available here. This update will also be reflected for the browsers with built in flash players like Chrome and Internet Explorer 10/11. 3/6/2014: Microsoft has announced this month's advanced notice security bulletin. There are five updates that affect server and client components. Two of these are rated critical. The official Microsoft notification is available here. 3/3/2014: Google has released a new stable release version of Chrome 33.0.1750.146. There are a number of security fixes in this release. Chrome release info is available here. 2/26/2014: Apple has released security patches for multiple products. New patches are available for OSX (10.7, 10.8, 10.9), Safari browser, Quicktime and iOS for mobile devices. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 2/20/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.70. Link to the security blogs bulletin is available here. 2/20/2014: Google has released a new stable release version of Chrome 33.0.1750.117. There are a number of security fixes in this release. Chrome release info is available here. 2/11/2014: Adobe has released a security update for the Shockwave Player. Shockwave player has a new version of 12.0.9.149. Link to the security blogs bulletin is available here. 2/11/2014: Microsoft has released this month's security bulletin. There are seven updates that affect server and client components. Four of these are rated critical. Sans info is available here. The official Microsoft notification is available here. 2/6/2014: Adobe has released a new security update for Flash Player. The new version is 12.0.0.44. Link to the security blogs bulletin is available here. 1/28/2014: Google has released a new stable release version of Chrome 32.0.1700.102. There are a number of security fixes in this release. Chrome release info is available here. 1/15/2014: Google has released a new version of Chrome 32.0.1700.76 to the stable release version. There are a number of security fixes in this release. This also includes an update for the flash player inside the Chrome browser. Chrome release info is available here. 1/14/2014: Oracle quarterly security patch is also scheduled to be released today. This will include patches for many products including Java, Databases and Solaris. Release notice: 2014-Q1. 1/14/2014: Adobe has released security updates for multiple products. Adobe Reader/Acrobat has a new version of 11.0.06. Adobe Flash Player Flash has a new version of 12.0.0.38. Link to the security blogs bulletin is available here. 1/14/2014: Microsoft has announced this month's security bulletin. There are four updates that affect server and client components. One of these is rated critical. Sans info is available here. The official Microsoft notification is available here. 1/10/2014: There are a number of pre-notifications for product updates to be released next week. Microsoft, Oracle and Adobe all are scheduling products updates next week. More info will follow when it is available. 12/17/2013: Apple has released a new version of the OsX 10.9.1 with many security fixes. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. There is also a new release for the Safari Browser. 12/10/2013: Adobe has released security updates for Adobe Flash Player and Shockwave Player. Flash Player has a new version of 11.9.900.170. Shockwave player has a new version of 12.0.7.148. Link to the security blogs bulletin is available here. 12/10/2013: Microsoft has announced this month's security bulletin. There are eleven updates that affect server and client components. Five of these are rated critical. Two of these are rated Patch Now by SANS and should be patched as soon as possible. The official Microsoft notification is available here. 12/5/2013: Google has released a new version of Chrome 31.0.1650.63 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 11/12/2013: Adobe has released security updates for Adobe Flash Player. Flash Player has a new version of 11.9.900.152. Link to the security blogs bulletin is available here. 11/12/2013: Google has released a new version of Chrome 31.0.1650.48 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 11/12/2013: Microsoft has announced this month's security bulletin. There are eight updates that affect server and desktop components. Three of these are rated critical. The official Microsoft notification is available here. One patch is fixing a severe vulnerability and is being actively exploited and should be patched as soon as possible. The notice from SANS is listed here. 10/30/2013: Mozilla has announced a new release for Firefox version 25. The security info is available here: Security Advisories. Downloads are available here: Firefox. 10/17/2013: Apple has released new security patches for Java for the Mac OSX 10.6, 10.7 and 10.8. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. 10/17/2013: Google has released a new version of Chrome 30.0.1599.101 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 10/15/2013: Oracle has issued a new release for Java 7u45. This will be tested for compatibility with our other software like Banner and Blackboard. The Java release notes are available here and Java 7 download here. 10/9/2013: Microsoft has announced this month's security bulletin. There are eight updates that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. One patch is fixing a severe vulnerability in Internet Explorer that is being actively exploited and should be patched as soon as possible. The notice from SANS is listed here. 10/9/2013: Adobe has released security updates for Adobe Reader/Acrobat. Reader/Acrobat has a new version of 11.0.05. Link to the security blogs bulletin is available here. 9/18/2013: Mozilla has announced a new release for Firefox version 24. The security info is available here: Security Advisories. Downloads are available here: Firefox. 9/16/2013: Apple has released a new version of the OsX 10.8.5 with many security fixes. More info is available here. Apple Security Updates are available here. These updates can be applied through Apple updates or Apple downloads. There is also a new release for the Safari Browser 9/11/2013: Oracle has issued a new release for Java 7u40. This will be tested for compatibility with our other software like Banner and Blackboard. The Java release notes are available here and Java 7 download here. 9/10/2013: Adobe has released security updates for multiple products. Adobe Reader/Acrobat has a new version of 11.0.04. Adobe Flash Player Flash has a new version of 11.8.800.168. There is also a security update for the Shockwave Player 12.0.4.144. Link to the security blogs bulletin is available here. 9/10/2013: Microsoft has announced this month's security bulletin. There are fourteen updates that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 8/23/2013: Google has released a new version of Chrome 29.0.1547.57 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 8/13/2013: Microsoft has released this month's security bulletin. There are eight updates that affect server and desktop components. Six of these are rated critical. One of these is actively being exploited and should be patched as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 8/7/2013: Mozilla has announced a new release for Firefox version 23. The security info is available here: Security Advisories. Downloads are available here: Firefox. 7/26/2013: The new version of Java 6.51 has passed testing for Banner & Blackboard. More info is available here. The software download is available here. 7/11/2013: Google has released a new version of Chrome 28.0.1500.71 to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 7/9/2013: Adobe has released a security updates for Adobe Flash Player Flash has a new version of 11.8.800.94. There is also a security update for the Shockwave Player 12.0.3.133. Link to the security blogs bulletin is available here. 7/9/2013: Microsoft has released this month's security bulletin. There are seven updates that affect server and desktop components. Six of these are rated critical. One of these is actively being exploited and should be patched as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 6/26/2013: Mozilla has announced a new release for Firefox version 22. The security info is available here: Security Advisories. Downloads are available here: Firefox. 6/11/2013: Adobe has released a security updates for Adobe Flash Player Flash has a new version of 11.7.700.224. Link to the security blogs bulletin is available here. 6/11/2013: Microsoft has released this month's security bulletin. There are five updates that affect server and desktop components. Two of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 6/5/2013: Apple has released a new version of the OS 10.8.4 with many security fixes. Sans has more info here. Apple Security Updates will be available here. These updates can be applied through apple updates or Apple downloads. 5/31/2013: Apple has released a new version of Quicktime 7.7.4 with many security fixes. This version is available for Windows & Mac computers. There are a number of security fixes in this release. The update information is available here. These updates can be applied through apple updates or Apple downloads. 5/22/2013: Google has promoted the Chrome 27 version to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 5/14/2013: Adobe has released a security updates for multiple products. Adobe Flash Player has a new version of 11.7.700.202. Adobe Reader and Acrobat has a new version of 11.0.03. Adobe Cold Fusion has new updates for many releases here. Link to the security blogs bulletin is available here. 5/14/2013: Mozilla has announced a new release for Firefox version 21. The security info is available here: Security Advisories. Downloads are available here:Firefox. 5/14/2013: Microsoft has released this month's security bulletin. There are ten updates that affect server and desktop components. Two of these are rated critical. One of these fixes a vulnerability in IE8 that is being actively exploited. The official Microsoft notification is available here. The notice from SANS is listed here. 4/9/2013: Microsoft has released this month's security bulletin. There are nine updates that affect server and desktop components. Two of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 4/8/2013: Mozilla has announced a new release for Firefox version 20. The security info is available here:Security Advisories. Downloads are available here:Firefox. 3/28/2013: Google has promoted the Chrome 26 version to the stable release version. There are a number of security fixes in this release. Chrome release info is available here. 3/15/2013: Apple has announced a new security release for Java(6u43) and Mac OS X 10.6 update 14. The update information is available here. These updates can be applied through apple updates or Apple downloads. 3/12/2013: Adobe has released a new update for Adobe Flash Player. Adobe Flash Player has a new version of 11.6.602.180. Link to the security blogs bulletin is available here. 3/12/2013: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 3/5/2013: Oracle has released a new security patch for Java 6u43 & 7u17. The Oracle release notes are available here and Java 7 here. 3/5/2013: Google has released a new version of the Chrome browser. The Chrome stable release version is 25.0.1364.152. Chrome release info is available here. 2/27/2013: Adobe has released a new update for Adobe Flash Player. Adobe Flash Player has a new version of 11.6.602.171. Link to the security blogs bulletin is available here. 2/21/2013: Apple has announced a new security release for Java and Mac OS X 10.6 update 13. The update information is available here. These updates can be applied through apple updates or Apple downloads. 2/21/2013: Mozilla and Google have released new versions of common browsers. Mozilla has announced version 19.0 of the Firefox browser. Link to the security advisories are available here. The Firefox download is available here. Google has released the 25.0.1364.87 version of Chrome. Chrome release info is available here. 2/20/2013: Adobe has released security updates for both Reader and Acrobat versions XI(11.0.02), X(10.1.6) and 9(9.5.4). The Adobe announcement is available here. Adobe Product Security Incident Response Team Blog is available here. See this page for more info on ConnSCU standards for Adobe/Java Updates. 2/20/2013: Oracle has released a new security patch for Java 6u41 & 7u15. This is a follow-up to the patches released and February 1st. There are also Java patches available for the Apple OS as there were recent malware compromises to Apple systems. The Oracle announcement is available here. 2/12/2013: Adobe has released a new update for Adobe Flash Player and Shockwave Player. Adobe Flash Player has a new version of 11.6.602.168. Adobe Flash Shockwave Player has a new version of 12.0.0.112. Link to the security blogs bulletin is available here. 2/12/2013: Microsoft has released this month's security bulletin. There are twelve updates in this release that affect server and desktop components. Five of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 2/7/2013: Adobe has released a new critical update for Adobe Flash Player. Adobe Flash Player has a new version of 11.5.502.149. Link to the security bulletin is available here. 2/1/2013: Oracle has released a new security patch for Java 6 & 7. This was released prior to the scheduled date because of active exploitation on the Internet. This release includes new security fixes and should be patched as soon as possible. The Oracle announcement is available here. 1/15/2013: Microsoft has released an out of band patch for Internet Explorer. This patch affects IE versions 6, 7 and 8. This should be applied as soon as possible as there are known exploits using this vulnerability. The official Microsoft notification is available here. The notice from SANS is listed here. 1/14/2013: Oracle has released a new security patch for Java 7 (7 update 11). This release includes new security fixes and should be patched as soon as possible. The Oracle announcement is available here. 1/9/2013: Adobe has released a new critical update for Adobe Flash Player. Adobe Flash Player has a new version of 11.5.502.146. Link to the security bulletin is available here. 1/9/2013: Adobe has released security updates for both Reader and Acrobat. The Adobe announcement is available here. See this page for more info on ConnSCU standards for Adobe/Java Updates. 1/8/2013: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. Two of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 12/6/2012: Microsoft has released this month's advance notice security bulletin. There are seven updates in this release that affect server and desktop components. Five of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. These are scheduled to be released on 12/11/2012. 11/21/2012: Mozilla has released a new 17.0 version of the Firefox browser with many security and bug fixes. Link to the security advisories are available here. The Firefox download is available here. 11/13/2012: Microsoft has released this month's security bulletin. There are six updates in this release that affect server and desktop components. Four of these are rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. 11/9/2012: Adobe has released a new critical update for Adobe Flash Player. Adobe Flash Player has a new version of 11.5.502.110. Link to the security bulletin is available here. 10/9/2012: Adobe has released a new critical update for Adobe Flash Player. Adobe Flash Player has a new version of 11.4.402.287. Link to the security bulletin is available here. 10/9/2012: Microsoft has released this month's security bulletin. There are seven updates in this release that affect server and desktop components. One of these is rated critical. The official Microsoft notification is available here. The notice from SANS is listed here. These updates will be released on 10/16/2012. 09/11/2012: Microsoft has released this month's security bulletin. There are two updates in this release that affect servers. These are rated important. There also is an update to the Windows Malicious Software Removal Tool which can affect desktop operating systems. The official Microsoft notification is available here. The notice from SANS is listed here. 08/22/2012: Adobe has released a new update for Adobe Flash Player. Adobe Flash Player has a new version of 11.4.402.265. Link to the security bulletins is available here. 08/14/2012: Adobe has released new updates for multiple products. Adobe Reader and Acrobat have a new 10.1.4 version. Adobe Shockwave Player has a new version of 11.6.5.636. Adobe Flash Player has a new version of 11.3.300.271. Links to these security bulletins are available from this blog post. 08/14/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with six rated critical. Please test and install these updates as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 07/10/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with three rated critical. SANS is recommending to "Patch Now" for two of the vulnerabilities that are actively being exploited. Please test and install these right away. The official Microsoft notification is available here. The notice from SANS is listed here. 06/12/2012: Microsoft has released this month's security bulletin. There are seven updates in this release - with three rated critical. SANs is recommending Patch Now for one of them. Please test and install these updates right away. The official Microsoft notification is available here. The notice from SANS is listed here. 05/08/2012: Microsoft has released this month's security bulletin. There are seven updates in this release - with three rated critical. SANs is reporting that there are known exploits for a few of the vulnerabilities. Please test and install these updates as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 05/04/2012: Adobe has released security updates for both Shockwave and Flashplayer. The Adobe announcements are available here. More info can be found on the SANS site. See this page for more info on ConnSCU standards for Adobe/Java Updates. 04/30/2012: Oracle has released a workaround for the TNS listener vulnerability - alert-cve-2012-1675-1608180.html. The SANS write-up about the issue is listed here. 04/10/2012: Microsoft has released this month's security bulletin. There are six updates in this release - with four rated as critical. Please test and install these updates right away. The official Microsoft notification is available here. The notice from SANS is listed here. 04/10/2012: Adobe has released security updates for both Reader and Acrobat. The Adobe announcement is available here. More info can be found on the SANS site. See this page for more info on ConnSCU standards for Adobe/Java Updates. 03/13/2012: Microsoft has released this month's security bulletin. There are six updates in this release - with one rated as critical for a vulnerability in RDP. Please test and install these updates right away. The official Microsoft notification is available here. The notice from SANS is listed here. 03/6/2012: Adobe has released a version for the Flash Player (11.1.102.63). Updates are available for Windows, Macintosh, Linux, Solaris and Android operating systems. The Adobe announcement is available here. More info can be found on the SANS site. See this page for more info on Commnet standards for Adobe/Java Updates. 02/14/2012: Adobe has released a patch for vulnerabilities in Shockwave Player and RoboHelp for Word. All machines should be updated to this new 11.6.4.634 version of Shockwave for Windows and Macintosh operating systems. The official Adobe notification is here. The notice from SANS is listed here. See this page for more info on Commnet standards for Adobe/Java Updates. 02/14/2012: Microsoft has released this month's security bulletin. There are nine updates in this release - with four rated as critical. Please test and install these updates as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 2/6/2012: Apple has released new security updates for the operating systems OS X 10.6.8 and 10.7.3. Specific info on the security content of the patch is available here. Info on all Apple security updates are available here. 01/10/2012: Adobe has released a patch for multiple vulnerabilities in the Acrobat and Reader products. All machines should be updated to this new 10.1.2 version for Windows and Macintosh operating systems. The official Adobe notification is here. The notice from SANS is listed here. See this page for more info on Commnet standards for Adobe/Java Updates. 01/10/2012: Microsoft has released this month's security bulletin. There are 7 updates in this release - one rated as critical. SANS is saying to patch now for two of them. Please install these updates right away. The official Microsoft notification is available here. The notice from SANS is listed here. 12/13/2011: Microsoft has released this month's security bulletin. There are 14 updates in this release with three rated as critical. One vulnerability is currently being exploited and should be patched as soon as possible. The official Microsoft notification is available here. The notice from SANS is listed here. 12/7/2011: Adobe has announced a new vulnerability in the Acrobat and Reader products. There are active exploits using this vulnerability. Patches will be made available on 12/16/2011. The ReaderX and AcrobatX products are not vulnerable to this exploit if they are running in protected mode. Colleges should be running the latest versions in protected mode. The Adobe announcement is available here. More info can be found on the SANS site. 11/22/2011: RealNetworks has released a new version of RealPlayer(15.0) and Mac RealPlayer(12.0.0.1703) that fixes multiple vulnerabilities. The release announcement is available here. 11/8/2011: Adobe has released a version for the Shockwave Player (11.6.3.633). The Adobe announcement is available here. More info can be found on the SANS site. 11/8/2011: Microsoft has released this month's security bulletin. There are 4 updates in this release with one rated as critical. Please test and install these patches as soon as possible. The official Microsoft notification is available here, and more information can be found on the SANS site. 10/12/2011: Apple has released new security updates for the operating systems OS X 10.6.8 and 10.7.2. Specific info on the security content of the patch is available here. Info on all Apple security updates are available here. 10/11/2011: Microsoft has released this month's security bulletin. There are 8 updates in this release with two rated as critical. Please test and install these patches as soon as possible. The official Microsoft notification is available here, and more information can be found on the SANS site. 9/13/2011: Adobe has released a patch for the Reader & Acrobat products. The Adobe announcement is available here. More info can be found on the SANS site. 9/13/2011: Microsoft has released this month's security bulletin. There are 5 updates in this release - All are rated important. Please test and install these patches timely. The official Microsoft notification is available here, and more information can be found on the SANS site. 8/17/2011: Mozilla has announced a new release(3.6.20) for the Firefox browser. This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox security information is available here. Security info for the Firefox browsers is available here: 3.6. There is also a new Firefox 6.0 version. 8/9/2011: Adobe has released their quarterly patch update for multiple products including Photoshop, Flash Media Server, Flash Player and Shockwave Player. The Adobe announcement is available here. More info can be found on the SANS site. 8/9/2011: Microsoft has released this month's security bulletin. There are 13 updates in this release - 2 are rated critical. Please test and install these patches timely. The official Microsoft notification is available here, and more information can be found on the SANS site. 8/04/2011: Apple has announced a new security patch (7.7) for the Quicktime Player. This is a critical patch will fix multiple vulnerabilities that can allow remote code execution. Apple information is available here. Security info for all Apple products are available here. 7/12/2011: Microsoft has released this month's security bulletin. There are 4 updates in this release - 1 is rated critical. Please test and install these patches timely. The official Microsoft notification is available here, and more information can be found on the SANS site. 6/24/2011: Apple has released new security updates for the operating systems OS X 10.6.8. Specific info on the security content of the patch is available here. Info on all Apple security updates are available here. 6/14/2011: Adobe has released a new security advisory for Adobe Reader and Acrobat. This affects both Windows & Macintosh platforms. The Adobe announcement is available here. 6/14/2011: Microsoft has released this month's security bulletin. There are 16 updates in this release - 9 are rated as critical. Please test and install these as soon as possible. The official Microsoft notification is available here, and more information can be found on the SANS site. 6/6/2011: Adobe has released a new security patch for Adobe Flash Player version 10.3.185.22. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 5/13/2011: Adobe has released a new security patch for Adobe Flash Player version 10.3.185.21. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 5/10/2011: Microsoft has released this month's security bulletin. There are 2 updates in this release with 1 rated as critical. Please test and install these as soon as possible. The official Microsoft bulletin is available here, and more information can be found on the SANS site. 4/28/2011: Mozilla has announced a new releases(4.0.1 & 3.6.17) for the Firefox browser. This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox security information is available here. Security info for the Firefox browsers is available here 4.0, 3.6 4/12/2011: Microsoft has released this month's security bulletin. There are 17 updates in this release with 9 rated as critical. Please test and install these as soon as possible, as there are exploits available according to SANS. The official Microsoft bulletin is available here. 3/24/2011: Microsoft has release an out-of-band security advisory concerning fraudulent digital certificates. Comodo issued a few certificates for common web sites to invalid owners. These certificates have been revoked but as part of the process, Microsoft has released a released a security update. This update should be applied to all machines to avoid man-in-the-middle or phishing attacks. 3/22/2011: Apple has released new security updates for the operating systems OS X 10.6.7. Specific info on the security content of the patch is available here. Info on all Apple security updates are available here. 3/22/2011: Adobe has released a new security patch for Adobe Flash Player version 10.2.153.1. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 3/10/2011: Apple has released new security updates for the operating systems OS X 10.6 update 4 and 10.5 update 9. These updates include fixes for updates in Java. Info on all Apple security updates are available here. 3/08/2011: Microsoft has released this month's security bulletin. There are 3 updates in this release with 1 rated as critical. Please test and install these timely, as there are proof of concept exploits available according to SANS. The official Microsoft bulletin is available here. 3/6/2011: Mozilla has announced a new release(3.6.15) for the Firefox browser. This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox information is available here. Security info for all the 3.6 Firefox browser is available here. 2/16/2011: Oracle has released a new security patch for Java 6 update 24. This affects both Windows, Solaris and Linux platforms. This release includes 21 new security fixes and should be patched as soon as possible. The Oracle announcement is available here. 2/09/2011: Adobe has released a new security patch for Adobe Shockwave Player version 11.5.9.620. This affects both Windows & Macintosh platforms. This release fixes multiple critical vulnerabilities that can be used for remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 2/09/2011: Adobe has released a new security patch for Adobe Flash Player version 10.1.102.64. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 2/08/2011: Microsoft has released this month's security bulletin. There are 12 updates in this release with 3 rated as critical. Some of these are actively being exploited. Please test and install these updates right away, as there are exploits available according to SANS. The official Microsoft bulletin is available here. 2/08/2011: Adobe has released a new security patch(10.0) for Adobe ReaderX & Acrobat. The release fixes a critical vulnerability that is being actively exploited. The Adobe announcement is available here. Sans has more info here. 1/11/2011: Microsoft has released this month's security bulletin. There are 2 updates in this release with 1 rated as critical. Please test and install these updates right away, as there are exploits available according to SANS. The official Microsoft bulletin is available here. 12/14/2010: Microsoft has released this month's security bulletin. There are 17 updates in this release with 2 rated as critical. Please test and install these updates right away. SANS has more information, and the official Microsoft bulletin is available here. 12/10/2010: Mozilla has announced a new release(3.6.13) for the Firefox browser. This release has a number of fixes for critical vulnerabilities that can allow remote code execution. Firefox information is available here. Security info for all the 3.6 Firefox browser is available here. 12/09/2010: Apple has announced a new security patch (7.6.9) for the Quicktime Player. This is a critical patch will fix multiple vulnerabilities that can allow remote code execution. Apple information is available here. Security info for all Apple products are available here. 11/17/2010: Adobe has released a new security patch(9.4.1) for Adobe Reader & Acrobat. The release fixes a critical vulnerability that is being actively exploited. The Adobe announcement is available here. Sans has more info here. 11/16/2010: Apple has released new security updates for the operating systems OS X 10.6.5. Specific info on the security content of the patch is available here. Info on all Apple security updates are available here. 11/9/2010: Microsoft has released this month's security bulletin. There are 3 updates in this release with 1 rated as critical for MS Office. There is an exploit available in the wild for that vulnerability - Please test and install these updates right away. SANS has more information, and the official Microsoft bulletin is available here. 11/1/2010: Adobe has released a new security patch for Adobe Shockwave Player version 11.5.9.615. This affects both Windows & Macintosh platforms. This release fixes multiple critical vulnerabilities that can be used for remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 10/12/2010: Microsoft has released this month's security bulletin. There are 16 updates in this release with 4 rated as critical. Please test and install these updates as soon as possible. SANS has more information, and the official Microsoft bulletin is available here. 9/20/2010: Adobe has released a new security patch for Adobe Flash Player version 10.1.85.3. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that is currently allowing remote code execution and should be patched as soon as possible. The Adobe announcement is available here. 9/16/2010: Apple has announced a new security patch (7.6.8) for the Quicktime Player. This is a critical patch will fix multiple vulnerabilities that can allow remote code execution. Apple information is available here. Security info for all Apple products are available here. 9/14/2010: Microsoft has released this month's security bulletin. There are 9 updates in this release with 4 rated as critical. Please test and install these updates as soon as possible. SANS has more information, and the official Microsoft bulletin is available here. 8/10/2010: Microsoft has released this month's security bulletin. There are 14 updates in this release with 9 rated as critical. Please test and install these updates as soon as possible. SANS has more information, and the official Microsoft bulletin is available here. 8/02/2010: Microsoft has released an out-of-band patch for a vulnerability that allows remote code execution. This vulnerability is currently being exploited on the Internet. All vulnerable systems should be patched immediately. Please test and install the updates right away. SANS has more information, and the official Microsoft bulletin is available here. 7/13/2010: Microsoft has released this month's security bulletin. There are 4 updates in this release with 3 rated as critical. SANS is reporting that one of the vulnerabilitites is actively being exploited and recommends that all vulnerable systems be patched immediately. Please test and install the updates right away. SANS has more information, and the official Microsoft bulletin is available here.Important: with today's patches, support for XP SP2 officially comes to an end. There will be no more patches for XP SP2 after today. Please be sure to update any clients that are running XP SP2 or earlier to a supported version.
6/08/2010: Microsoft has released this month's security bulletin. There are 10 updates in this release with 7 rated as critical by SANS. The official Microsoft bulletin is available here. Please test and install the updates as soon as possible. SANS also has more information. 6/05/2010: Adobe has issued a Security Advisory for Flash Player, Adobe Reader and Acrobat. Adobe has posted mitigation suggestions in their advisory until the vulnerabilities are fixed. 5/11/2010: Microsoft has released this month's security bulletin. There are two updates in this release that are rated critical. There also are updates for the Malicious Software Removal Tool. The official Microsoft bulletin is available here. Please test and install the updates as soon as possible. SANS also has more information. 4/13/2010: Microsoft has released this month's security bulletin. There are eleven updates in this release - five are rated critical. The official Microsoft bulletin is available here. Please test and install the updates as soon as possible. SANS also has more information. 4/3/2010: Apple has announced a new security patch for the Quicktime Player. This is a critical patch will fix multiple vulnerabilities that can allow remote code execution. Sans has information here. Apple information is available here. 3/30/2010: Microsoft announced an out of band patch for Internet Explorer 6 & 7. This is a critical patch that should be applied as soon as possible. Sans has information here. Microsoft information is available here. 3/30/2010: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Specific info on the security content of the patch is available here. 3/9/2010: Microsoft has released this month's security bulletin. There are two updates in this release - both with a rating of Important. The official Microsoft bulletin is available here. Please test and install the updates timely. SANS also has more information. 2/18/2010: Mozzilla has released security releases for the Firefox browsers version 3.00 & 3.5. These releases include fixes for vulnerabilities that can be used for remote code exploits. 2/17/2010: Adobe has released new security updates for the Adobe Reader/Acrobat and Adobe Flash/AIR products. The Acrobat Reader patch affects the Windows, Macintosh and Unix platforms. Info is available here. The Adobe Flash player patch info is available here. 2/9/2010: Microsoft has released this month's security bulletin. There are thirteen updates in this release - five are categorized as critical. The official Microsoft bulletin is available here. Please update all vulnerable systems as soon as possible. SANS also has more information. 1/21/2010: RealNetworks has announced a patch for the RealPlayer for all platforms. Full details are available from RealNetworks. 1/21/2010: Mozilla has announced a new upgrade for the firefox browser. Sans has information here. Full details are available from Mozilla. Version 3.6 is available here. 1/21/2010: Microsoft announced an out of band patch for Internet Explorer. This is a critical patch that should be applied as soon as possible. Sans has information here. Microsoft information is available here. 1/21/2010: Adobe has released a new security patch for Adobe Shockware Player versions 11.5.2.602 and earlier. This affects both Windows & Macintosh platforms. This release fixes a critical vulnerability that can allow remote code execution. The Adobe announcement is available here. 1/19/2010: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Specific info on the security content of the patch is available here. 1/13/2010: Adobe has released a new security patch for Adobe Reader & Acrobat. The release fixes a critical vulnerability that is being actively exploited. The Adobe announcement is available here. 1/12/2010: Microsoft has released this month's security bulletin. There is only one critical update in this release for Windows 2000. It is rated 'low' for all other versions of Windows. The official Microsoft bulletin is available here. Please update all vulnerable systems timely. SANS also has more information. 12/15/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. See this link for the Mozilla Security Advisories. 12/8/2009: Adobe has released a security bulletin to address multiple vulnerabilities in the flash player. The official Adobe bulletin is available here. Please update all vulnerable systems as soon as possible. SANS also has more information. 12/8/2009: Microsoft has released this month's security bulletin. There are three critical updates in this release. One of these vulnerabilities can infect a machine by visiting an infected web site. The official Microsoft bulletin is available here. Please update all vulnerable systems as soon as possible. SANS also has more information. 11/10/2009: Microsoft has released this month's security bulletin. There are three critical updates in this release. The official Microsoft bulletin is available here. Please update all vulnerable systems timely. SANS also has more information. 11/10/2009: Apple has released new security updates for the operating systems OS X 10.5 and 10.6. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here. 10/28/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories. 10/13/2009: Adobe has released a new security patch for Adobe Reader & Acrobat(9.2). The release fixes a critical vulnerability that is being actively exploited. The Adobe announcement is available here. 10/13/2009: Microsoft has released this month's security bulletin. There are eight critical updates in this release. The official Microsoft bulletin is available here. Please update all vulnerable systems timely. SANS also has more information. 9/10/2009: Apple has released new security updates for the operating systems OS X 10.4, 10.5 and 10.6. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here. There is also a new security update for the Quicktime player version 7.6.4. Info on all Apple security patches can be found at this site. 9/10/2009: The Mozilla Foundation has released multiple patches for the Firefox 3.0 and 3.5 browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories. 9/8/2009: Microsoft has released this month's security bulletin. There are five critical updates in this release. The official Microsoft bulletin is available here. Please update all vulnerable systems timely. SANS also has more information. 9/8/2009: Cisco Security Advisory can be found here: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products. Please verify your products and update right away. 9/1/2009: Detailed exploit code has been published on the Internet that targets vulnerabilities in the FTP Service in several Internet Information Services (IIS) versions. Here is the Microsoft Security Advisory, and SANS has some additional information. One work-around is to disable the FTP service on all IIS servers. 8/11/2009: Microsoft has released this month's security bulletin. There are nine updates in this release, with five having a critical rating. Please update all vulnerable systems immediately. SANS listed four with exploits being reported or observed. The patch for MS09-039 is for WINS, and has the potential to be exploited by a worm. Microsoft Security Research and Defense blog has a statement on the issue. The official Microsoft bulletin is available here. 8/6/2009: Apple has released new operating system patch(10.5.8) with multiple security fixes within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here. Info on all Apple security patches can be found at this site. 8/3/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. SANS lists information on the updates here. See this link for the Mozilla Security Advisories. 7/30/2009: Adobe has released security patches for the Flash and Shockware players. These patches fix a critical vulnerability in these products that can lead to a remote exploit of code. All colleges are advised to apply these patches to any system that runs this software. Security bulletins from Adobe can be seen here. 7/28/2009: Microsoft has released two out-of-band security bulletins that help mitigate vulnerabilities in the Microsoft Active Template Library (ATL), which is used in Internet Explorer and Visual Studio. Please update all vulnerable systems immediately. The previous ActiveX killbit workaround looks like it can be bypassed by malicious users. SANS.org has more information on the subject. The official Microsoft update summary for July 2009 has been modified to include these additional updates (MS09-034 and MS09-035), which is available here. 7/14/2009: Microsoft has released July's security bulletin. There are six updates in this release, with three having a critical rating. Please update all vulnerable systems immediately, as one of the updates (MS09-032) resolves the Microsoft Video ActiveX Control vulnerability, and another update (MS09-028) resolves the other recently reported vulnerability in DirectShow. Sans.org has more info on their site. The official Microsoft bulletin is available here. 6/11/2009: The Mozilla Foundation has released a patch(3.0.11) for the Firefox browser. There are multiple fixes for security vulnerabilities some of which are rated as critical. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 6/9/2009: Microsoft has released this month's security bulletin. There are ten updates in this release, with six having a critical rating. Please update all vulnerable systems as soon as possible. Sans.org has more info on their site. The official Microsoft bulletin is available here. 6/3/2009: Apple has released a new version(7.6.2) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. 5/12/2009: Apple has released new operating system patch(10.5.7) with multiple security fixes within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Specific info on the security content of the patch is available here. Info on all Apple patches can be found at this site. 5/12/2009: Adobe has release a new version (9.1.1)of the Acrobat and Reader programs that fix multiple security vulnerabilities. There are known exploits for these vulnerabilities so the patch would be applied as soon as possible. There are patches available for the Windows, Macintosh and UNIX platforms. These updates should be tested by each college and installed timely. Sans.org is reporting more info here. The Adobe announcement is available here. 5/12/2009: Microsoft has released this month's security bulletin. There is only one patch being released, but it is a critical patch. The vulnerability is currently being exploited. Please patch all vulnerable systems as soon as possible. Sans.org has more info on their site. The official Microsoft bulletin is available here. Note that there is no patch available for this application on the Mac platform at this time. 4/27/2009: The Mozilla Foundation has released a new patch to correct a problem in the previous patch. This patch does have a critical rating as it can allow remote code execution. Sans.org lists information on the update here. See this link for the Mozilla Security Advisories. 4/22/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 4/16/2009: Oracle has announced their quarterly security update for various products. This announcement contains 43 security fixes across all products. The announcement from Oracle can be seen here. 4/9/2009: Microsoft has released this month's security bulletin. This update includes eight updates, with five of them rated as critical. Some of these updates are currently being exploited. These updates should be tested and installed by each college as soon as possible. Sans.org is reporting more info. The Microsoft bulletin is available here. 4/8/2009: Cisco has announced a security update for the PIX and ASA security appliances which fix multiple vulnerabilities that can lead to Denial of Service or authentication bypass. The announcement from Cisco can be seen here. 3/27/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 3/11/2009: Adobe has release a new version (9.1)of the Acrobat reader that fixes a security vulnerability. There are known exploits for this vulnerability so the patch would be applied as soon as possible. There are patches available for version 9 on the Windows and Macintosh only. Patches for other versions and platforms will soon follow. These updates should be tested by each college and installed timely. Sans.org is reporting more info here. The Adobe announcement is available here. 3/10/2009: Microsoft has released this month's Security Bulletin. It includes three updates, with one rated as critical. The critical patch is for a vulnerability in the Windows kernel. These updates should be tested by each college and installed timely. Sans.org is reporting more info and Microsoft has additional details available here. 3/5/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 2/24/2009: Adobe has release a patch for the flash player that has updates to multiple vulnerabilities. The vulnerabilities are rated with critical or important significance. The patches should be tested by each college and installed in a timely fashion. Sans.org is reporting more info here and the Adobe details are available here. 2/13/2009: Apple has released new security patches (10.4.11 and 10.5.6) to fix multiple vulnerabilities within the Mac OS X operating system. There are also new Java updates available for these operating systems. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Info on all Apple patches can be found at this site. 2/10/2009: Microsoft has released the monthly security patch for multiple vulnerabilities. The vulnerabilities are rated with critical or important significance. The patches should be tested by each college and installed in a timely fashion. Sans.org is reporting more info here and the Microsoft details are available here. 2/6/2009: HP has announced a vulnerability in certain printers that can allow unauthorized access to stored documents. Sans provides more info here. The HP announcement is listed here with info on patching the firmware on the printers. 2/4/2009: Cisco has announced multiple vulnerabilities in the wireless LAN controllers. These vulnerabilities can lead to Denial of Service or privilege escalation. This Cisco advisory provides further information. 2/4/2009: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 1/21/2009: Apple has released a new version(7.6) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. 1/13/2009: Microsoft has released only one patch in this month's Security Bulletin. It is rated Critical for a vulnerability in Microsoft's Server Message Block protocol. This patch should be tested by each college and installed timely. Sans.org is reporting more info and Microsoft has additional details available here. 12/23/2008: Microsoft is investigating new public reports of a vulnerability that could allow remote code execution on systems with supported editions of Microsoft SQL Server. More information can be found here. 12/17/2008: Microsoft has released another out-of-band security patch. This is rated as critical and could allow remote code execution. The vulnerability can affect multiple versions of Internet Explorer. Remote exploit code is available in the wild for IE7 so this patch should be tested and deployed immediately. Info on the patch from Sans.org can be found here. The patch and details about it are available here from Microsoft. 12/15/2008: Apple has released a new security update(10.5.6) to fix vulnerabilities within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Info on all Apple patches can be found at this site. 12/9/2008: Microsoft has released eight patches in this month's Security Bulletin. Six are rated Critical. The ISC rating on one (MS08-070) is "patch now" for client machines. This month's patches should be tested by each college and deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here.In addition, there is another advisory regarding a reported vulnerability in the WordPad text converter. Microsoft will be looking into this and will be sending further information at the completion of that investigation. More information can be found here.
11/13/2008: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 11/11/2008: Microsoft has released this month's Security Bulletin. There are two updates in this release, one rated critical. These patches should be tested and deployed as soon as possible. The patches and details about them are available here from Microsoft and here from SANS.org. 11/5/2008: Adobe has released an new security patch for the Adobe reader version 8.1.2 and earlier. Version 9 is not affected by these vulnerabilities. This new patch has a number of fixes could allow remote code execution. Info on the patch from Sans.org can be found here. The patch and details about it are available here from Adobe. 10/23/2008: Microsoft has released an out-of-band security patch. This is rated as critical and could allow remote code execution. This can affect multiple versions of the windows operating systems. Remote exploit code is available in the wild so this patch should be tested and deployed immediately. Info on the patch from Sans.org can be found here. The patch and details about it are available here from Microsoft. 10/14/2008: Microsoft has released eleven patches in this month's Security Bulletin. Four are rated critical, six are rated as important, and one is moderate. This month's patches should be tested and deployed immediately. See Microsoft's new Exploitability Index for help prioritizing the updates. The patches and details about them are available here from Microsoft. 10/10/2008: Apple has released a new security update to fix vulnerabilities within the Mac OS X operating systems(10.4 & 10.5). Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Info on all Apple patches can be found at this site. 9/15/2008: Apple has released a security update(10.5.5) to fix vulnerabilities within the Mac OS X operating systems(10.4 & 10.5). Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Info on all Apple patches can be found at this site. 9/10/2008: Apple has released a new version(7.5.5) of QuickTime that addresses multiple security vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. 9/9/2008: Microsoft has released four patches in this month's Security Bulletin. All four are rated critical but are not being actively exploited at this time. This month's patches should be tested and deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here from Microsoft. 8/12/2008: Microsoft has released eleven patches in this month's Security Bulletin. Six are rated critical and one is being actively exploited. This month's patches should be deployed right away. Sans.org is reporting more info on these patches. The patches and details about them are available here from Microsoft. 7/8/2008: Microsoft has released four patches in this month's Security Bulletin. These are all rated important. This month's patches should be tested by each college and deployed timely. Sans.org is reporting more info on these patches. The patches and details about them are available here from Microsoft. 7/1/2008: Apple has released a security update(10.5.4) to fix vulnerabilities within the Mac OS X operating system and a update(3.1.2) to the Safari browser. SANS provides an announcement of the security patches here. Info on these patches from Apple can be seen here:(OS and Safari). Info on all Apple patches can be found at this site. 6/19/2008: Microsoft has re-released MS08-030, which was originally included in the June monthly patch update. This updated patch should be tested and rolled out to all vulnerable workstations. 6/10/2008: Apple has released a new version(7.5) of QuickTime that addresses multiple vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. 6/10/2008: Microsoft has released seven patches in this month's Security Bulletin. Three are rated Critical. This month's patches should be tested by each college and deployed timely. Sans.org is reporting more info on these patches. The patches and details about them are available here. 6/5/2008: Cisco has announced a security update for the PIX and ASA firewalls which fixes 5 vulnerabilities that can lead to Denial of Service or bypass of specific ACLs. Sans provides a summary of the security updates here. Info on this advisory from Cisco can be seen here. 5/29/2008: Apple has released a security update(10.5.3) to fix vulnerabilities within the Mac OS X operating system. Sans provides a summary of the security patch here. Info on this patch from Apple can be seen here. Info on all Apple patches can be found at this site. 5/21/2008: Cisco has released a security advisory for an IOS Secure Shell Server vulnerability. If the vulnerable IOS versions are being used, it is recommended that the updates be applied as soon as possible. 5/14/2008: Cisco has released three security advisories to address vulnerabilities in Cisco Unified Communications Manager, Unified Presence, and the Content Switching Module. These vulnerabilities may allow an attacker to cause a denial-of-service condition on the affected system. The vulnerabilities were apparently discovered internally, so no exploits are circulating yet. It is recommended that the updates for these products be applied timely. 5/13/2008: Microsoft has released four fixes to close a half dozen security holes in this month's Security Bulletin. Three of the fixes are rated critical, including a vulnerability in the Microsoft Jet database which is currently being exploited by attackers. Colleges should test and deploy these patches right away. Sans.org has more information in addition to the details on these updates available here. 4/10/2008: Real.com has released a patch for it's Real Player that patches a vulnerability that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Read about the vulnerability here. You should upgrade to RealPlayer 11.0.2 by clicking Tools - Check for Update from the RealPlayer console. Colleges should review the advisories and patch the affected products to avoid attacks. 4/9/2008: Adobe has released a patch to Adobe Flash Player 9 that addresses a critical vulnerability that could lead to the potential execution of arbitrary code remotely. The update also includes DNS rebinding attack and cross-domain policy countermeasures. You should update to the latest version of Adobe Flash Player, version 9.0.124.0 available here. Colleges should review the advisories and patch the affected products to avoid attacks. 4/8/2008: Microsoft has released five critical patches in this month's Security Bulletin. This month's patches should be tested and deployed as soon as possible at each college. Sans.org is reporting that proof-of-concept exploits for MS08-023 have already been posted on the Internet. The patches and details about them are available here. 4/3/2008: Apple has released a new version(7.4.5) of QuickTime that addresses 11 vulnerabilities. This new version can affect multiple operating systems (Mac OS X, Windows XP and Vista). Apple is listing the information on the update here. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. 3/26/2008: Cisco Systems has released the bi-annual patch for IOS. This patch includes fixes for conditions that may cause a denial of service. Colleges should review the advisories and patch the affected products to avoid attacks. Sans.org lists information on the updates here. All Cisco security advisories can be found at this site. 3/26/2008: The Mozilla Foundation has released multiple patches for the Firefox and similar browsers. Some of these patches have fixes for critical vulnerabilities that can allow remote exploitation of a computer. Sans.org lists information on the updates here. See this link for the Mozilla Security Advisories. 3/19/2008: Apple has released a security update to fix vulnerabilities within the Mac OS X operating system. The updates are for both the Tiger(10.4) and Leopard(10.5) users. Info on this patch from Apple can be seen here. There is also a separate patch for the Safari browser. Info on all Apple patches can be found at this site. 3/11/2008: Microsoft has released four patches in this month's Security Bulletin. All four are rated Critical for specific MS Office versions. This month's patches should be checked by each college and deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here. 2/12/2008: Microsoft has released eleven patches in this month's Security Bulletin. Six are rated Critical. This month's patches should be tested by each college and deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here. 2/11/2008: Apple has released a security update to fix 10 vulnerabilities within the Mac OS X operating system. The updates are for both the Tiger and Leopard users. Sans.org is reporting more info on these patches. Info from Apple can be seen here. Info on all Apple patches can be found at this site. 2/9/2008: Adobe Reader/Acrobat Vulnerability. The Adobe Reader vulnerability is being exploited in the wild according to Sans.org. The update for this vulnerability should be installed on all clients as soon as possible. Additional information can be found at McAfee.com and at Adobe. 1/8/2008: Microsoft has released two patches in this month's Security Bulletin. One is rated Critical. This month's patches should be tested by each college and deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here. 12/14/2007: A QuickTime vulnerability is actively being exploited. The patch for the vulnerability should be pushed out all clients as soon as possible. Information about the vulnerability can be found at Sans.org and the latest QuickTime release can be found on Apple's web site found here. 12/11/2007: Microsoft has released seven patches in this month's Security Bulletin. Three of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here. 11/13/2007: Microsoft has released two patches in this month's Security Bulletin. One of these patches is rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. Sans.org is reporting more info on these patches. The patches and details about them are available here. 10/9/2007: Microsoft has released seven patches in this month's Security Bulletin. Four of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. Sans.org is reporting that three of the seven vulnerabilities have been publicly known for some time. The patches and details about them are available here. 9/11/2007: Microsoft has released four patches in this month's Security Bulletin. One of these patches is rated Critical for Windows 2000 sp4. This month's patches should be tested by each college before being deployed. The patches and details about them are available here. 8/14/2007: Microsoft has released nine patches in this month's Security Bulletin. Six of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 7/10/2007: Microsoft has released six patches in this month's Security Bulletin. Three of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 6/12/2007: Microsoft has released six patches in this month's Security Bulletin. Four of these patches are rated Critical. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 5/08/2007: Microsoft has released seven patches in this month's Security Bulletin. All of these patches are rated Critical. Sans.org is reporting that three of the seven vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 5/07/2007: Apple has released a new version of QuickTime that fixes a highly critical vulnerability. The new version is QuickTime 7.1.6. An exploit is expected to be publicly available shortly and it is advised that all systems running this software be upgraded as soon as possible. More information can be found at Apples web site here. 4/10/2007: Microsoft has released six patches in this month's Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of the six vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 4/03/2007: Microsoft has released the Security Bulletin Summary for April 2007 which contains the patch for the ANI vulnerability discussed below. This vulnerability is currently being exploited and it is highly recommended that this patch be applied as soon as possible. Each college should thoroughly test this patch before installing it on their systems. 4/02/2007: Microsoft is planning on releasing an out-of-cycle patch to address the below ANI vulnerability. This patch will be available on Tuesday, 4/03/2007. More information will be posted when the patch has been released. 3/29/2007: Microsoft is investigating reports of a new unpatched attack that is actively being exploited on the internet. The vulnerability is caused by Windows failing to properly handle specially crafted animated cursor (ANI) files. More information can be found here at Microsoft's web site along with suggested workarounds. 2/13/2007: Microsoft has released 12 patches in this month's Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that six of the twelve vulnerabilities either already have exploit code that's been publicly released or exploit code that is expected to be released soon. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 1/9/2007: Microsoft has released four patches in this months Security Bulletin. three of these patches are rated Critical. Sans.org is reporting that three of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.Two other applications have announced vulnerabilities: Apple QuickTime and Adobe Reader. Read more about each vulnerability here:
Be aware that a buffer overflow has been announced for Apple QuickTime RTSP and currently does not have a patch available. An attacker may be able to execute arbitrary code or cause a denial of service on vulnerable clients by convincing the user to open specially crafted QuickTime content. This affects both Mac and Windows clients and also applies to other software (such as iTunes) that use vulnerable QuickTime components. Read more about the vulnerability can be found here as well as suggested workarounds: http://www.kb.cert.org/vuls/id/442497.
If you have Adobe Reader or Acrobat version 7.0.8 or earlier installed, you must upgrade to version 8.0 to be protected from a recent cross-site scripting vulnerability just announced when accessing.pdf files from a web browser. The vulnerability allows remote attackers to execute arbitrary code depending on the browser used (both Microsoft IE and Firefox were listed, see this link for more info). Upgrading to version 8.0 protects you from these exploits.
12/12/2006: Microsoft has released seven patches in this months Security Bulletin. three of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.Microsoft is also investigating a report of "zero-day" attacks taking advantage of a vulnerability in ALL recent versions of Microsoft Word and Microsoft Works for both Windows & MAC. Read more about it here.
As always and should be common practice, it is critically important that you DO NOT OPEN ANY unsolicited WORD DOCUMENTS from both known and unknown sources, including email and the web. 11/14/2006: Microsoft has released six patches in this months Security Bulletin. Five of these patches are rated Critical. Sans.org is reporting that two of these vulnerabilities already have exploit code that's been publicly released. This month's patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 10/10/2006: Microsoft has released 10 patches in this months Security Bulletin. Six of these patches are rated Critical. Sans.org is reporting that one of these vulnerabilities already has exploit code that's been publicly released (MS06-057). These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.Check out McAfee's notice about forcing all automatic updates to download the 5.1.00 engine starting on October 30th. This is to prepare for the release of their 8.5 VirusScan engine. They recommend that you voluntarily move to 5.1.00 before the cut off of October 30th. Please see their notice about this update change. If you haven't already pushed out engine 5100, then you should think about doing it before the end of this month.
09/27/2006: Microsoft has released a Critical Security Bulletin (MS06-055) which could allow Remote Code Execution and Complete Control of the affected System. This vulnerability is in the Vector Markup Language and affects Windows 2000, Windows XP and Windows 2003. It is recommended that you test and deploy the patch for this vulnerability as soon as possible. The patch and details about it are available here. 09/13/2006: Microsoft has released three patches in this months Security Bulletin. One of these is rated as Critical and affects Microsoft Publisher. If you are using this software, it is recommended that you test and deploy the patch as soon as possible. The patches and details about them are available here. Microsoft has also re-released two patches for previously disclosed vulnerabilities - MS06-040 and MS06-042. These new patches include fixes to newly discovered issues. Specifically, if you have systems still running Internet Explorer 6 SP1 or Internet Explorer 5 SP4, those systems are still vulnerable to exploit and should be patched for the MS06-042 vulnerability or update to the latest version. 08/10/2006: Microsoft has released 12 patches in this months Security Bulletin. Nine of these patches are rated Critical. Sans is reporting that three of these vulnerabilities already have exploit code that's been released. Of particular note is MS06-040 which has the potential to be turned into a worm and propagate itself across the network. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here. 07/17/2006: McAfee has announced a critical vulnerability in its EPO agent software which could allow remote code execution. Specific details of the vulnerability are available from eEye Digital Security. To find out if your agent software is vulnerable and directions on how to download and deploy the latest agent software, please visit McAfee's web site located here. 06/20/2006: Microsoft has announced a zero day vulnerability in Excel that could allow Remote Code Execution (Advisory 921365). There is currently no patch available. Some Anti-Virus vendors may detect some portions of this exploit, but it is recommended that you follow best practices described here to protect yourself. 6/15/2006: Microsoft has released 12 patches in this months Security Bulletin. Eight of these patches are rated Critical. Sans is reporting that five of these vulnerabilities already have exploit code that's been released. These patches should be tested by each college and it is highly recommended that they be deployed as soon as possible. The patches and details about them are available here.Mozilla Firefox has release a patch for a vulnerability in its browser. The flaw has to do with an exploitable crash in InstallVersion.CompareTo. A proof of concept exploit has been posted. The patch and details about it are available here.
4/18/2006: Mozilla Products Contain Multiple Vulnerabilities. 3/16/2006: Adobe Macromedia Flash Products Contain Vulnerabilities 1/17/2006: A new exploit has been released utilizing the Stack Overflow vulnerability in Veritas Netbackup Enterprise Server. A specifically crafted packet, sent to the Volume Manager via port 13701, will cause a stack overflow, allowing the attacker to run code of her/his choosing. Authentication by the attacker is not needed to take advantage of this vulnerability. The security packs that address this vulnerability, Symantec Advisory #SYM05-024, can be found here.
6/1/2005: Apple has released new security updates. 2/17/2005: New variant of MyDoom spreads again on Internet. At least one machine at CT Community Colleges was affected! Remember to keep your anti-virus definition files up to date! 1/10/2005: IE vulnerability allows malicious websites to take control of your computer without any user interaction 12/15/2004: Username/Password Vulnerability in Cisco Unity Product 12/15/2004: Microsoft releases 5 Important updates that affect Wordpad, Hyperterminal, LSASS, DHCP and WINS (MS04-041 through MS04-045) 12/10/2004: Vulnerability announced that allows hijacking of pop-ups 12/08/2004: Be aware of Google Desktop Search when on public machinesThe Microsoft announcement, specifically the FAQ section, should answer your questions on this vulnerability and how it affects you.
The official Microsoft patch is due to be released earlier than the scheduled January 10th. The new announcement states it will be released on January 5th. Be aware that an unofficial patch is available on the Internet and that we do not recommend applying any unofficial patches.
Even though this is a serious vulnerability that needs to be patched, the Microsoft announcement notes:
- anti-virus companies indicate that attacks based on exploiting the WMF vulnerability are being effectively mitigated through up-to-date signatures;
- customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.