CDSA News

Weekend Vulnerability and Patch Report, Aug. 10, 2014 (Citadel Information Group)

Important Security Updates

Apple iTunes: Apple has released version 11.3.1 of iTunes for Windows (64-bit). Updates are available from Apple’s website.

Foxit Reader: Foxit has released version 6.2.2.0802 to fix a moderately critical vulnerability. Updates are available through the program or from Foxit’s website.

Opera: Opera has released version 23.0.1522.72 to fix moderately critical vulnerabilities. Updates are available from within the browser or from Opera’s website. 

Oracle Java: Oracle has released Java SE 7 Update 67. The update is available through Windows Control Panel or Java’s website. [See Citadel’s recommendation below]

Current Software Versions

Adobe Flash 14.0.0.145 [Windows 7: IE]

Adobe Flash 14.0.0.145 [Windows 7: Firefox, Mozilla]

Adobe Flash 14.0.0.145 [Windows 8: IE]

Adobe Flash 14.0.0.145 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.07

Dropbox 2.10.3

Firefox 31.0

Google Chrome 36.0.1985.125

Internet Explorer 11.0.9600.17126

Java SE 7 Update 67

QuickTime 7.7.5

Safari 5.1.7

Safari 7.0.4 [Mac OS X]

Skype 6.18.0.106

For Your IT Department

Cisco Multiple Products: Secunia reports that Cisco has released updates for its IOS Software and IOS XE Software, Unity Connection and others. Apply updates. Secunia reports that Cisco has released a partial fix for its TelePresence Products. Update or upgrade to version 1.10.7:3 or 6.1.4:4.

McAfee Network Security Manager: Secunia reports that McAfee has released updates for its Network Security Manager to fix a vulnerability. Update to version 8.1.7.3, 7.5.5.9, 7.1.15.7, 7.1.5.15, or 6.1.15.39.

OpenSSL Multiple Products: Secunia reports that vulnerabilities, some of which are moderately critical, are reported in previous versions. Update to version 0.9.8zb or update to version 1.0.0n or 1.0.1i.