Security Leftovers
-
Security updates for Tuesday [LWN.net]
Security updates have been issued by Debian (connman and python-oslo.utils), Fedora (libapreq2), Red Hat (booth, gnupg2, kernel, kernel-rt, mariadb:10.3, nodejs:14, nodejs:16, python3, ruby:2.7, and ruby:3.0), SUSE (chromium, opera, python2-numpy, and rubygem-kramdown), and Ubuntu (poppler).
-
Apple Releases Security Updates for Multiple Products | CISA
An attacker could exploit some of these vulnerabilities to take control of an affected device.
-
CISA Releases Five Industrial Control Systems Advisories | CISA
CISA released five Industrial Control Systems (ICS) advisories on September 13, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
-
Microsoft monthly patch release 'on the lighter side'
Microsoft has released patches for 62 CVEs on its monthly Patch Tuesday, with five rated as critical and 57 rated as important.
The security firm Tenable said it had omitted one fix, CVE-2022-23960, a cache speculation restriction vulnerability as it was issued by MITRE and applied to Arm CPUs.
Tenable staff research engineer Satnam Narang said Microsoft had patched CVE-2022-37969, an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver.
[...]
"All three CVEs are considered critical and carry a CVSSv3 base score of 9.8..."
-
Microsoft Releases September 2022 Security Updates | CISA
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.
-
Adobe Releases Security Updates for Multiple Products | CISA
An attacker could exploit some of these vulnerabilities to take control of an affected system.