UCSF IT Technology

ServiceNow released a security update to address a High vulnerability in the ServiceNow Now Platform. If exploited, the vulnerability could allow an attackers to execute arbitrary code.

HPE released security updates to address Critical and other vulnerabilities in HPE Instant AOS-8 and AOS-10 software. A remote attacker could exploit these vulnerabilities to perform unauthenticated command injection.

Microsoft released security updates and guidance to address an Important vulnerability in Microsoft Windows Update. Attackers with administrative privileges could exploit them to perform downgrade attacks, reverting fully up-to-date systems to older versions containing exploitable vulnerabilities. 

QNAP released a security update to address a Critical 0-day vulnerability  in QNAP QNAP HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. 

Google has released new versions of Chrome to address vulnerabilities in Google Chrome. For a complete description of the vulnerabilities and affected systems go to Chrome Releases. IT Security Read more about IT Security service offerings.

Microsoft released security updates and guidance to address an Important vulnerability in Microsoft Windows Update. Attackers with administrative privileges could exploit them to perform downgrade attacks, reverting fully up-to-date systems to older versions containing exploitable vulnerabilities. 

Apple has released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

Cisco has released security updates to address a 0-day and other vulnerabilities in multiple Cisco Products.  A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.