Google Releases Security Updates for Chrome

Google has released Chrome version 84.0.4147.89 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review  the Chrome Release and apply the necessary updates

Microsoft Releases Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review  Microsoft’s July 2020 Security Update Summary and Deployment Information and apply the necessary updates.

Microsoft Addresses ‘Wormable’ RCE Vulnerability in Windows DNS Server

Microsoft has released a security update to address a remote code execution (RCE) vulnerability—CVE-2020-1350—in Windows DNS Server. A remote attacker could exploit this vulnerability to take control of an affected system. This is considered a “wormable” vulnerability that affects all Windows Server versions. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review Microsoft’s Security Advisory and Blog for more information, and apply the necessary update and workaround.

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. Download Manager APSB20-49 ColdFusion APSB20-43 Genuine Service APSB20-42 Media Encoder APSB20-36 Creative Cloud Desktop Application APSB20-33

Apache Releases Security Advisory for Apache Tomcat

The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. Therefore, Bhutan Computer Incident Response Team recommends  users and administrators to review the Apache security advisories for CVE-2020-13934 and CVE-2020-13935 and upgrade to the appropriate version.