While a Patch Tuesday week tends to be quite eventful on its own, Mozilla, Intel, and Adobe are making sure you know what to do! Mozilla fixed multiple vulnerabilities in its 68 (Firefox) and 60.8 (Firefox ESR) releases, while Intel released two severe security updates. Last but not least, Adobe published 3 patches. There are no security patches for Adobe Flash or Adobe Reader making Microsoft, Intel & Firefox your biggest priority today.
Microsoft Patch Tuesday – July 2019
Microsoft released its Patch Tuesday, July 2019 software updates to address a total of 77 vulnerabilities in its Windows operating systems and other products. Including 15 rated as critical and two zero-day vulnerabilities are known to be under active exploit.
Similar to previous months, we’ve created an Audit Report which checks if the assets in your network are on the latest Microsoft patch update. It’s color-coded to give you an easy and quick overview which assets are already on the latest Windows update, and which ones still need to be patched.
Multiple Vulnerabilities in Mozilla Firefox
Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Get an overview of all outdated Firefox installations via our custom Audit Report and install the security patches.
Affected Firefox Systems
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in Intel Solid State Drives (SSD) for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on a previously infected machine.
A potential security vulnerability (CVE-2018-18095) in Intel® Solid State Drives (SSD) for Data Centers (DC) S4500/S4600 Series firmware may allow escalation of privilege. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel recommends updating Intel® SSD DC S4500 Series and Intel® SSD DC S4600 Series firmware to SCV10150 or later.
You can use our SSD or HDD Audit Report to list all drives in your environment and to find upgrade candidates for SSDs.
A potential security vulnerability (CVE-2019-11133) in the Intel® Processor Diagnostic Tool may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Intel recommends that users of Intel® Processor Diagnostic Tool update to version 4.1.2.24 or later.
To check if Intel’s Processor Diagnostic Tool is installed in your network and is up to date, you can run our Audit Report to get a color-coded overview of all Intel Processor Diagnostic Tool installations and their versions.
Adobe July Patch Tuesday Updates
Adobe issued only 3 security patches for Bridge CC, Experience Manager, and Dreamweaver. Experience Manager is patched for three vulnerabilities, while Bridge and Dreamweaver each have one.
None are labeled as critical, and the highest-rated vulnerability for each software package is labeled as important. There are no patches for Adobe Flash or Adobe Reader making Microsoft, Intel & Firefox your biggest priority today. Nevertheless, we’ve created an Audit Report which checks if the assets in your network are running the latest Adobe updates.