UCSF IT Technology

Lenovo has released security updates to address vulnerabilities in Lenovo UEFI Firmware impacting multiple laptop models.  For a complete description of the vulnerabilities and affected systems Lenovo Notebook BIOS Vulnerabilities. IT Security Read more about IT Security service offerings.

AWS has released a security advisory to address a vulnerability impacting multiple AWS products. An attacker could exploit some of this vulnerability to escalate privileges.  For a complete description of the vulnerabilities and affected systems Reported EKS IAM Authenticator Issue. IT Security Read more about IT Security service offerings.

IBM has released security updates for a High vulnerability in IBM CICS TX Advanced.  This vulnerability could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request.   For a complete description of the vulnerabilities and affected systems Security Bulletin: IBM CICS TX Standard is vulnerable to arbitrary code execution (CVE-2022-31767). IT Security

Critical and Important Vulnerabilities in Multiple Adobe Products.  An attacker could exploit these vulnerabilities to perform arbitrary code execution and memory leak attacks.  For a complete description of the vulnerabilities and affected systems Adobe Security Bulletins. IT Security Read more about IT Security service offerings.

Microsoft released their July Security Update to address vulnerabilities in multiple Microsoft products. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems July 2022 Security Update. IT Security Read more about IT Security service offerings.

SAP released security updates to address High and Medium vulnerabilities affecting multiple SAP products. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems SAP Security Patch Day – July 2022. IT Security Read more about IT Security service offerings.

Citrix has released security updates to address High vulnerabilities impacting Citrix Products. An attacker could exploit these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems Citrix Security Updates CTX461397. IT Security Read more about IT Security service offerings.

H-ISAC reported that a vulnerability in Apache Tomcat has been Weaponized. This vulnerability allows for uncontrolled resource consumption. For a complete description of the vulnerabilities and affected systems CVE-2022-29885 Apache Tomcat EncryptInterceptor. IT Security Read more about IT Security service offerings.

Fortinet released security updates to address High vulnerabilities in multiple Fortinet products For a complete description of the vulnerabilities and affected systems Fortinet Advisory Page. IT Security Read more about IT Security service offerings.