UCSF IT Technology

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system.   For a complete description of the vulnerabilities and affected systems go to Adobe Security Bulletins IT Security

Mozilla released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to Mozilla Foundation Security Advisories. IT Security

Microsoft released their April Security Update to address vulnerabilities in multiple products. An attacker can exploit some of these vulnerabilities to take control of an affected system.

Apple has released security updates to address vulnerabilities in multiple products.  A remote attacker could exploit this vulnerability to take control of an affected device. For a complete description of the vulnerabilities and affected systems go to Apple Security Updates. IT Security Read more about IT Security service offerings.

Apple released security updates to address zero-day vulnerabilities in Apple iOS that are being actively exploited. A remote attacker could exploit these vulnerabilities to perform arbitrary code execution. For a complete description of the vulnerabilities and affected systems go to Apple security updates. IT Security

Cisco released a security update to address a High vulnerability in several Cisco Products. An authenticated, remote attacker could execute arbitrary code on the underlying operating system.

Microsoft announced Windows 10 Home and Pro, Version 21H2 will reach end of service June 13, 2023. The software will no longer receive security updates after June 13, 2023For a complete description of the vulnerabilities and affected systems go to Windows 10 Home and Pro, Version 21H2.IT SecurityRead more about IT Security service offerings.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails.  The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.

Android released its April Android update to address multiple vulnerabilities in Android Devices. The most severe of these issues is a critical security vulnerability in the System component that could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed.

Google released Chrome 112.0.5615.49 for Linux and Mac and 112.0.5615.49/50 for Windows to address vulnerabilities in Chrome.  For a complete description of the vulnerabilities and affected systems go to Chrome Stable Channel Update. IT Security