For the third time this year, Microsoft has warned users and organizations to stay vigilant against BlueKeep and patch their systems. In collaboration with security researchers, Microsoft investigated recent system crashes have been caused by a BlueKeep Metasploit module.
Organizations should prioritize getting rid of end-of-support (EOS) software. To assist in that effort, the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an EOS software report list.
Apple has released security updates for iOS, macOS, watchOS, Safari, iCloud, tvOS and iTunes.
Google has released a new security update for Chrome browser 78.0.3904.87 for Windows, Mac and Linux. There are reports of one of those vulnerabilities CVE-2019-13720 being exploited in the wild.
Samba has released a software update and patches for three security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
A recently patched vulnerability in newer versions of the PHP programming language is being exploited in the wild. The remote code execution (RCE) bug could allow an attacker to take over NGINX servers.
Google has released a new stable channel update for Chrome 78 browser for Windows, Mac, Linux, Android and iOS. The update also include numerous new feature enhancements to include a dark theme, Password Checkup tool and DNS-over-HTTPS (DoH) protocol trial.
Mozilla has released Firefox 70 and security advisory to address multiple vulnerabilities.
Cisco has warned new proof-of-concept (PoC) code demonstrates how an attacker could exploit a critical vulnerability in the Cisco IOS XE REST API.
The Kubernetes patch team has released new patches for two Kubernetes vulnerabilities CVE-2019-16276 and CVE-2019-11253.