The Microsoft Corporation has released a comprehensive security bulletin for the month of March 2016 detailing all known vulnerabilities and the updates that address them. A total of 13 updates were covered in this release that detailed a total of 44 vulnerabilities that were found and patched as required. The software that this update addressed includes Internet Explorer, Microsoft Edge, Microsoft Windows PDF Library, Windows Media, Microsoft Windows OS, Microsoft Office, Windows OLE, and .NET framework.

Adobe Inc. has release security updates to Adobe Acrobat, Adobe Acrobat Reader, and Adobe Digital Editions. These updates address vulnerabilities in the Windows and Macintosh editions for Acrobat and Acrobat Reader, and in the Windows, Macintosh, iOS, and Android versions of Adobe Digital Editions. Users and administrators are advised to update their software with immediate effect.

Internet Systems Consortium (ISC) has released security updates to address a vulnerability in several versions of ISC Dynamic Host Configuration Protocol (DHCP) server. ISC States that the exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. ISC will release updates in due course, and urge users and administrators to adhere to currently known workarounds to mitigate the risk caused by this vulnerability.

OpenSSL has released updates to its two current versions to address several vulnerabilities. OpenSSL’s security advisory on the matter states that the exploitation of some of these vulnerabilities (which includes the vulnerability known as DROWN) may allow an attacker to obtain sensitive information. Users and administrators are advised to apply the necessary patches to OpenSSL with immediate effect.

Cisco has released security updates to address 4 vulnerabilities found in several of its products. The products affected include Cisco Nexus 3000 Series and 3500 Platform Switches, Cisco NX-OS Software, and Cisco Web Security Appliance. Cisco states that the exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device. Users and administrators are advised to apply the necessary patches with immediate effect.

Google Inc. has released a security update for its popular Google Chrome web browser. This update addresses multiple vulnerabilities in the previous versions of Google Chrome for Windows, Mac, and Linux. It is also the first release of Google Chrome 49 Google states that the exploitation of some of these vulnerabilities may lead to a remote attacker taking control of an affected system. Users and administrators are advised to apply the necessary updates with immediate effect.

The Apple Corporation has released a security update for AppleTV. This update addresses multiple vulnerabilities that existed in the previous versions of AppleTV. Apple states that the exploitation of some of these vulnerabilities may allow an attacker to take control of an affected device. It is recommended that users and administrators apply the security update that has been released with regard to this update.

It has been reported that GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are advised to apply the available patches with immediate effect to avoid compromise.

Drupal issued a security advisory which lists multiple vulnerabilities that have been addressed in its newest versions. This popular Content Management System (CMS) saw versions 6.x, 7.x, and 8.x getting new releases that have been identified as Critical. It is advised that users and administrators update their Drupal core to the relevant versions with immediate effect to avoid being compromised.

The Microsoft Corporation has released an update for Microsoft Enhanced Mitigation Experience Toolkit (EMET). This update has been released to address a vulnerability in EMET which may allow a remote attacker to bypass or disable EMET in order to take control of an affected system. Users and administrators are advised to apply the necessary updates.

footerimage

Member of

logo apcertfirst logo-2

Collaborated with

apwg2ICTA logo2ack cymru

Our Partners
lanka-certify-logoDark-Lab-Logo2contact