Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends users and administrators to review Microsoft’s July 2020 Security Update Summary and Deployment Information and apply the necessary updates....
Microsoft Addresses ‘Wormable’ RCE Vulnerability in Windows DNS Server
Microsoft has released a security update to address a remote code execution (RCE) vulnerability—CVE-2020-1350—in Windows DNS Server. A remote attacker could exploit this vulnerability to take control of an affected system. This is considered a “wormable” vulnerability that affects all Windows Server versions. Therefore, Bhutan Computer Incident Response Team recommends users and administrators to review Microsoft’s Security Advisory and Blog for more information, and apply the necessary update and workaround....
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. Download Manager APSB20-49 ColdFusion APSB20-43 Genuine Service APSB20-42 Media Encoder APSB20-36 Creative Cloud Desktop Application APSB20-33...
Apache Releases Security Advisory for Apache Tomcat
The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. Therefore, Bhutan Computer Incident Response Team recommends users and administrators to review the Apache security advisories for CVE-2020-13934 and CVE-2020-13935 and upgrade to the appropriate version....
Mozilla Releases Security Updates
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. TTherefore, Bhutan Computer Incident Response Team recommends users and administrators to review the Mozilla Security Advisories for Firefox 78 and Firefox ESR 68.10 and apply the necessary updates....