Adobe has released security updates for multiple products to include Adobe Acrobat and Reader, Flash and other products.
Microsoft issued the February 2020 Security Updates that include 101 unique vulnerability fixes, 13 of those rated critical. The update also includes a patch for an IE zero-day scripting engine vulnerability CVE-2020-0674 disclosed in January.
Google has released Chrome 80 (version 80.0.3987.87) for Windows, Mac and Linux. The update includes a number of fixes and improvements in the popular browser. The company also added a Chrome browser update for Android.
Security experts from Microsoft have revealed threat actors are increasingly using web shell attacks in their campaigns. Microsoft's investigation revealed actors such as ZINC, KRYPTON, and GALLIUM, exploit known vulnerabilities to implant web shells on internet-facing web servers.
Microsoft issued a new security advisory for Intel microcode updates for Windows 10 versions 1903 and 1909. The updates also address a known vulnerability behind a Zombieload attack. In addition, a targeted update for Windows Server 2019 version 1903 was also available.
Adobe has released security updates that fix multiple vulnerabilities in Magento Commerce and Open Source editions.
Security researchers have discovered a new vulnerability in OpenBSD's OpenSMTPD mail server. An attacker could exploit the remote code execution vulnerability CVE-2020-7247 and execute arbitrary shell commands with elevated privileges.
Apple has released security updates for iOS 13.3.1, macOS Catalina 10.15.3, Safari 13.0.5 and other products.
Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company's online meetings.
Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.