PC Security and Other Useful Information

Security Mailer V18 #20

• Adobe security bulletins and updates for Acrobat, Reader, Photoshop
• Browser Pale Moon update
• Cisco security advisories
• Linux updates
• Microsoft security bulletins revised
• General Security reviews last week

Cisco Releases Security Updates

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

• Digital Network Architecture Center Static Credentials Vulnerability cisco-sa-20180516-dnac
• Digital Network Architecture Center Authentication Bypass Vulnerability cisco-sa-20180516-dna2
• Digital Network Architecture Center Unauthorized Access Vulnerability cisco-sa-20180516-dna
• Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability cisco-sa-20180516-nfvis
• Meeting Server Media Services Denial-of-Service Vulnerability cisco-sa-20180516-msms
• Identity Services Engine EAP TLS Certificate Denial-of-Service Vulnerability cisco-sa-20180516-iseeap
• IoT Field Network Director Cross-Site Request Forgery Vulnerability cisco-sa-20180516-fnd

How to keep apps removed from Windows 10 from returning during an update

• This issue only occurs after a feature update (from one version to the next), not monthly updates or security-related updates.
• This only applies to first-party apps that shipped with Windows 10. This doesn’t apply to third-party apps, Microsoft Store apps, or LOB apps

Security Mailer V18 #19

• Adobe updates including Flash Player
• Apple adds to Security Update 2018-001
• Browser updates for Firefox and Pale Moon
• Cisco security advisory
• Linux updates
• Microsoft
  • Tuesday security releases,
  • advisories
  • updates, revisions
  • Office updates
• General Security review of last weeks vulnerabilities

Security Bulletins Posted

Adobe has published security bulletins for:

• Adobe Creative Cloud Desktop Application (APSB18-12)
• Adobe Flash Player (APSB18-16)
• Adobe Connect (APSB18-18).

  Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.

Be aware of this after you update to the April Update. Supposedly, newer Windows Insider builds have teh option restored.

Windows 10 April Update Removes Shutdown without Updating Option

Think You’ve Got Your Credit Freezes Covered? Think Again.

Security Mailer V18 #18

• Cisco Security Advisories; Linux updates
• Microsoft
  • New updates for Specter
  • update revisions
  • Office non-security updates
  • some Windows 10 issues after latest version update
• General Security review of last week
• Oracle patch for Fusion Middleware can be bypassed leaving WebLogic critically vulnerable again

New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia

“Symantec has identified a new attack group dubbed Orangeworm deploying the Kwampirs backdoor in a targeted attack campaign against the healthcare sector and related industries.”

Twitter to All Users: Change Your Password Now!