Microsoft issued the December 2019 Security Updates that include 36 unique vulnerability fixes, 7 of those rated critical and 29 rated important. One of the patches addresses a Win32k vulnerability under active attack in the wild.
VMware has released security updates to address a Critical OpenSLP remote code execution vulnerability (CVE-2019-5544) in ESXi and Horizon DaaS.
Microsoft has issued a security advisory for vulnerability CVE-2017-15361 that impacts certain Trusted Platform Module (TPM) chipsets and used for Windows Hello for Business. The company issued steps to detect and mitigate the issue.
The Mozilla Foundation has released Firefox 71 that addresses multiple vulnerabilities. Attackers could exploit some of the vulnerabilities to take control of impacted systems.
The Internet Systems Consortium (ISC) has released a security update that fixes a vulnerability in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Google has released a new security update for Chrome browser 78.0.3904.108 for Windows, Mac and Linux, as well as a Chrome OS update.
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.
VMware has published a security advisory for multiple vulnerabilities that impact VMware ESXi, Workstation, and Fusion.
Microsoft issued the November 2019 Security Updates that include 74 unique vulnerability fixes, 13 of those rated critical. In addition, Microsoft provided guidance for a vulnerability CVE-2019-16863 in Trusted Platform Module (TPM).
For the third time this year, Microsoft has warned users and organizations to stay vigilant against BlueKeep and patch their systems. In collaboration with security researchers, Microsoft investigated recent system crashes have been caused by a BlueKeep Metasploit module.