Published: May 28, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
If you haven’t updated your operating systems and other software in a while, it’s time to get with the program! Hundreds of security updates from Android to Apple, from browsers to software have been released recently. For Google Chrome and Apple iOS users, their patches included fixes for flaws already being exploited. Remember, cybercriminals don’t wait for us to catch up on our patch updates before they attack. And if we wait to apply them, we’re basically holding the door wide open for cyber-intruders. Below is a snapshot of the updates, and chances are your devices and software may need more than one. So, don’t wait to update!
Google’s Mobile OS
Released 44 flaw patches in two parts for its mobile operating system.
2022-04-01 security patch for most of these devices.
2022-04-05 security patch for particular phones and tablets.
Check your device settings for these updates.
Google Chrome Emergency Fixes
CVE-2022-1364 Fixes two flaws, including a zero-day flaw currently being exploited. Affects Chromium-powered browsers such as Microsoft Edge, Google Chrome, Brave and others.
Apple Patches
iOS and iPadOS running 15.4.1 - CVE-2022-22675 Flaw is currently being exploited allowing attackers to get total control of a device.
macOS running Monterey 12.3.1 - CVE-2022-22674 Fixes flaw in Intel graphics driver, may have already been exploited.
Updates to watchOS 8.5.1 and tvOS 15.4.1, with bug fixes.
Microsoft Patches-More than 100 vulnerabilities patched, ten are rated critical.
CVE-2022-24521 rated critical, currently being exploited. Among the most important critical patch updates.
CVE-2022-22713 vulnerability in Microsoft’s Hyper-V virtualization platform. May allow an attacker to successfully exploit an internal race condition to lead to a potential denial-of-service scenario.
CVE-2022-26923 vulnerability in Active Directory is an elevation of privileges issues. If exploited, may provide access to your domain.
Oracle Patches-Total of 520 fixes, 75 rated as critical, 300 involve remote exploits.
CVE-2022-22965 fixes remote code execution flaw.
Mozilla Thunderbird Patches-Security fixes for Thunderbird email client and Firefox browser.
Thunderbird 91.8.0 fixes four high-impact vulnerabilities.
Firefox ESR 91.8 and Firefox 99 also patch several security issues.
WordPress Patch
Plugin Elementor Version 3.6.3 fixes critical flaw found in 3.6.0. Attackers can exploit for remote code execution allowing a full website take-over.
There are certainly more to watch for, so if you haven’t done a checkup to see what patches are now available for your systems, take some time to do it. Remember, unpatched vulnerabilities leave your systems open for attack. Don't wait longer than necessary to apply them.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com
Comments