UCSF IT Technology

Mandiant reported multiple vulnerabilities in the Wiki Platform. There are no current mitigations. An attacker could exploit these vulnerabilities to achieve unknown impacts.

Google has released new versions of Chrome.For a complete description of the vulnerabilities and affected systems go to: Chrome Releases.IT SecurityRead more about IT Security service offerings.

WordPress released a security update to address a vulnerability in WordPress. An attacker could exploit this vulnerability to perform cross-site scripting (XSS). For a complete description of the vulnerabilities and affected systems go to: WordPress 6.5.2.IT Security

Adobe has released security updates to address Critical and other vulnerabilities in multiple Adobe products. An attacker could exploit the worst of these vulnerabilities to perform arbitrary file system reads.For a complete description of the vulnerabilities and affected systems go to: Adobe Security Bulletins.IT Security

SAP released their April  2024 updates to address High and other vulnerabilities in multiple SAP products.For a complete description of the vulnerabilities and affected systems go to: SAP Security Patch Day – April 2024.IT Security

Microsoft released their April Security Update to address Critical and other vulnerabilities in multiple Microsoft products. An attacker can exploit some of these vulnerabilities to take control of an affected system.For a complete description of the vulnerabilities and affected systems go to: Microsoft Security Update Guide for April.IT Security

Adobe released security updates to address a Critical, now Actively Exploited vulnerability in Adobe Commerce and Magento, as part of its February Patch Tuesday updates.  Websites that have not been updated remain vulnerable to exploitation. An attacker could exploit this vulnerability to inject a persistent backdoor into ecommerce websites.