[Micronet] Patch Tuesday Updates for March 2016

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Micronet] Patch Tuesday Updates for March 2016

Ben Gross
Hi Micronet,

Here is a brief overview of the patch Tuesday updates. Microsoft released 13 bulletins of which 5 are rated critical. There are critical fixes with the potential for remote code execution IE, Edge, Microsoft Word, Windows Media Play, the font rendering library, and the Microsoft PDF library.

Adobe released three critical security updates  for Adobe Acrobat and Reader with a priority rating of 2, meaning that there is a high risk, but there is no known exploit yet. If you also use Adobe Digital Editions, there is a critical fixe for that as well. All of these potentially involve remote code execution, you should patch ASAP.  There was no Flash update this month, but Adobe says one is coming soon.

Google releases and update to the stable channel version 49.0.2623.87 with three security fixes rated high.

Mozilla released Firefox 45 with 8 critical and 7 high severity security fixes .

If you run PuTTY, then you should also upgrade since the project released version 0.67, which contains several security fixes and the installer and executable are now signed. If you run WinSCP, you should patch that as well due to both the PuTTY upgrades and the OpenSSL upgrades.

There were no security patches from Apple today.

Since it is always worth mentioning, the next Oracle quarterly Critical Patch Update is April 19.

References:

2016 Bulletin Summaries

Security Advisories 2016

March 2016 Security Update Release Summary - Microsoft Security Response Center - Site Home - TechNet Blogs

March 2016 Office Update Release | Office Updates

Office Updates

March 2016 Microsoft Patch Tuesday Security Bulletins | Threatpost | The first stop for security news

March 2016 Adobe Acrobat, Reader, Digital Editions Patches | Threatpost | The first stop for security news

Patch Tuesday March 2016 - Qualys Blog

March Patch Tuesday 2016 | Shavlik

Microsoft Patch Tuesday - SANS Internet Storm Center

Adobe Security Bulletin
Security Updates Available for Adobe Acrobat and Reader
Release date: March 3, 2016
Last updated: March 8, 2016
Vulnerability identifier: APSB16-09
Priority: 2
CVE Numbers: CVE-2016-1007, CVE-2016-1008, CVE-2016-1009
Platform: Windows and Macintosh

Adobe Security Bulletin
Security update available for Adobe Digital Editions
Release date: March 8, 2016
Vulnerability identifier: APSB16-06
Priority: 3
CVE number: CVE-2016-0954
Platform: Windows, Macintosh, iOS and Android

Chrome Releases: Stable Channel Update

Firefox - Notes (45.0) - Mozilla

Security Advisories for Firefox - Mozilla

Firefox 45 for developers - Mozilla | MDN

Firefox 45: Find out what is new - gHacks Tech News

PuTTY Change Log

WinSCP :: Official Site :: Download

Thank you,
Ben Gross
Manager, Endpoint Engineering and Infrastructure
Information Services and Technology Division
University of California, Berkeley

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
Loading...