UCSF IT Technology

Red Hat released multiple security updates in October for various Red Hat products. For a complete description of the vulnerabilities and affected systems go to Red Hat October Updates. IT Security

Suse released multiple security updates in October for various Suse products. For a complete description of the vulnerabilities and affected systems go to Suse October2023 Archives by date. IT Security

Apache released security updates to address a vulnerability in Apache ActiveMQ. A threat actor could exploit this vulnerability to perform remote code execution. For a complete description of the vulnerabilities and affected systems go to CVE-2022-46604 Detail. IT Security

VMware has released a security advisory to address vulnerabilities in VMware Tools. A malicious user could exploit this vulnerability to elevate their privileges.  For a complete description of the vulnerabilities and affected systems go to VMSA-2023-0024. IT Security

NextGen HealthCare released a security update to address a Critical vulnerability in Mirth Connect. An attacker could exploit these vulnerabilities to perform remote code execution. For a complete description of the vulnerabilities and affected systems go to 4.4.1 What's New. IT Security

F5 released a security advisory to address a Critical vulnerability in BIG-IP. An attacker could exploit this vulnerability to perform remote code execution. For a complete description of the vulnerabilities and affected systems go to K000137353: BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747. IT Security

Threat Alert: Trusted Websites Delivering Fake Browser Updates

Apple has released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit these vulnerabilities to perform  code execution, privilege escalation and exposure of sensitive data. For a complete description of the vulnerabilities and affected systems go to Apple Security Updates. IT Security