UCSF IT Technology

VMWare has released guidance on protecting vSphere From Specialized Malware. Specialized Malware is being used to exploit and gain persistent access to instances of ESXi.  For a complete description of the vulnerabilities and affected systems go to Protecting vSphere From Specialized Malware. IT Security

H-ISAC reported a Weaponized Vulnerability in Linux. An attacker could exploit this vulnerability to escalate privileges. For a complete description of the vulnerabilities and affected systems go to CVE-2022-25636 Detail. IT Security Read more about IT Security service offerings.

Drupal has released Critical security updates to address vulnerabilities in Twig impacting Drupal core. A remote attacker could exploit these vulnerabilities to perform unauthorized read access to private files, the contents of other files on the server, or database credentials.

Wayland has released security updates to address a vulnerability in Wayland. An attacker could exploit this vulnerability to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code. For a complete description of the vulnerabilities and affected systems go to USN-5614-1: Wayland vulnerability. IT Security

Google released Chrome 106.0.5249.61 for Mac/Linux and 106.0.5249.61/62 for Windows. A remote attacker could exploit this vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Chrome Release Note. IT Security

Dell has released security updates to address Critical and High vulnerabilities in Dell Products. An attacker could exploit the Dell SmartFabric Storage Software vulnerability to execute arbitrary commands. An attacker could exploit the Dell CloudLink vulnerability to gain unauthorized access to the system. For a complete description of the vulnerabilities and affected systems go to