Patch | SC Media

Patch

Adobe mends critical code execution flaws in Magento

Adobe this week released a security update fixing four vulnerabilities – two critical – in its Magento Commerce 2 and Magento Open Source 2 e-commerce platforms. The two most significant bugs are identified as a path traversal flaw (CVE-2020-9689) and a Security Mitigation bypass (CVE-2020-9692), both of which can result in arbitrary code execution. The first issue is credited was reported by…

Microsoft sounds alarm to fix wormable bug “SIGRed”

Microsoft Corporation on Patch Tuesday addressed 123 vulnerabilities — 18 of them critical — including a “wormable” flaw in Windows DNS Service that could be leveraged to execute remote code in the context of the Local System Account and then spread malware across various network devices. Officially designated CVE-2020-1350, the wormable flaw is caused by…

Cisco pushes out almost three dozen security updates

Cisco released a batch of 34 security updates with 12 being rated as a high priority. Eight of the high-rated advisories impacting the company’s Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software while all of them involve the latter software product. A few of the more critical problems were CVE-2020-3187, a vulnerability…

Microsoft patches Word and Office 365 for Autodesk FBX library flaws

Microsoft issued an out-of-band updateto patch vulnerabilities for a variety of company products that use the C++ software development platform and API toolkit Autodesk FBX library. The important-rated vulnerabilities are covered by CVE-2020-7080, CVE-2020-7081, CVE-2020-7082, CVE-2020-7083, CVE-2020-7084 and CVE-2020-7085. These can lead to remote code execution if exploited which can be done if it processes…

Next post in Vulnerabilities