UCSF IT Technology

Microsoft released its February Security Updates to address 0-day and other vulnerabilities in multiple Microsoft products.For a complete description of the vulnerabilities and affected systems, go to Microsoft Security Update Guide for February.IT SecurityRead more about IT Security service offerings.

SAP released its February 2025 updates to address High and other vulnerabilities in multiple SAP products.For a complete description of the vulnerabilities and affected systems, go to SAP Security Patch Day – February 2025.IT SecurityRead more about IT Security service offerings.

Adobe has released security updates to address vulnerabilities in multiple Adobe products.For a complete description of the vulnerabilities and affected systems, go to Adobe Security Bulletins.IT SecurityRead more about IT Security service offerings.

Microsoft published threat intelligence about the exploitation of publicly disclosed ASP.NET machine keys. An attacker can exploit these vulnerabilities to inject malicious code and deliver the Godzilla post-exploitation framework. For a complete description of the vulnerabilities and affected systems go to Code injection attacks using publicly disclosed ASP.NET machine keys.IT Security

CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. An attacker could exploit this vulnerability to perform out of bounds writes.For a complete description of the vulnerabilities and affected systems go to CVE-2024-53104 Detail.IT SecurityRead more about IT Security service offerings.

WordPress released security updates to address a vulnerability in the WordPress ASE Plugin. An attacker could exploit this vulnerability to escalate privileges. 

Google has released new versions of Chrome to address vulnerabilities in Google Chrome.For a complete description of the vulnerabilities and affected systems go to Chrome Releases.IT SecurityRead more about IT Security service offerings.

TeamViewer has released new versions of the TeamViewer remote access solutions for Windows to address High vulnerabilities.For a complete description of the vulnerabilities and affected systems go to TV-2025-1001 Improper Neutralization of Argument Delimiters in TeamViewer Clients.IT SecurityRead more about IT Security service offerings.

VMware has released security updates to address High vulnerabilities affecting VMware Aria Operations and Aria Operations for Logs products. An attacker could exploit these vulnerabilities to gain admin access.