No Image

Releasing Windows 10, version 22H2 to the Release Preview Channel

2022-07-29 KENNETH 0

Releasing Windows 10, version 22H2 to the Release Preview Channel Hello Windows Insiders! Today we are releasing the first preview build of Windows 10, version 22H2. Windows 10 Build 19045.1865 (KB5015878) is now available in the Release Preview Channel for Windows Insider Program for Business participants to validate on devices in their organizations. Commercial devices* configured for the Release Preview Channel via the Windows Insider Program Settings page or via Windows Update for Business policy, whether through Microsoft Intune or through Group Policy, will automatically be offered Windows 10, version 22H2 as an optional update. Windows 10, version 22H2 is also now available via Windows Server Update Service and Azure Marketplace. Should any issues arise, IT admins in these organizations can request free Microsoft Support. This support offer is intended to help resolve issues with commercial-specific scenarios and is limited to the Windows 10 Pro, Enterprise, and Education editions. [ more… ]

No Image

USN-5538-1: libtirpc vulnerability

2022-07-28 KENNETH 0

USN-5538-1: libtirpc vulnerability It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Source: USN-5538-1: libtirpc vulnerability

No Image

USN-5537-1: MySQL vulnerabilities

2022-07-28 KENNETH 0

USN-5537-1: MySQL vulnerabilities Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.39. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-39.html https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-30.html https://www.oracle.com/security-alerts/cpujul2022.html Source: USN-5537-1: MySQL vulnerabilities

No Image

USN-5536-1: Firefox vulnerabilities

2022-07-28 KENNETH 0

USN-5536-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code. Source: USN-5536-1: Firefox vulnerabilities

No Image

USN-5535-1: Intel Microcode vulnerabilities

2022-07-28 KENNETH 0

USN-5535-1: Intel Microcode vulnerabilities Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. (CVE-2021-0145) Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges. (CVE-2021-0146) It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service (system crash). (CVE-2021-0127) It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. (CVE-2022-21123, CVE-2022-21127) It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local [ more… ]