CDSA News
Weekend Vulnerability and Patch Report, Aug. 10, 2014 (Citadel Information Group)
Story Highlights
Important Security Updates
Apple iTunes: Apple has released version 11.3.1 of iTunes for Windows (64-bit). Updates are available from Apple’s website.
Foxit Reader: Foxit has released version 6.2.2.0802 to fix a moderately critical vulnerability. Updates are available through the program or from Foxit’s website.
Opera: Opera has released version 23.0.1522.72 to fix moderately critical vulnerabilities. Updates are available from within the browser or from Opera’s website.
Oracle Java: Oracle has released Java SE 7 Update 67. The update is available through Windows Control Panel or Java’s website. [See Citadel’s recommendation below]
Current Software Versions
Adobe Flash 14.0.0.145 [Windows 7: IE]
Adobe Flash 14.0.0.145 [Windows 7: Firefox, Mozilla]
Adobe Flash 14.0.0.145 [Windows 8: IE]
Adobe Flash 14.0.0.145 [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.07
Dropbox 2.10.3
Firefox 31.0
Google Chrome 36.0.1985.125
Internet Explorer 11.0.9600.17126
Java SE 7 Update 67
QuickTime 7.7.5
Safari 5.1.7
Safari 7.0.4 [Mac OS X]
Skype 6.18.0.106
For Your IT Department
Cisco Multiple Products: Secunia reports that Cisco has released updates for its IOS Software and IOS XE Software, Unity Connection and others. Apply updates. Secunia reports that Cisco has released a partial fix for its TelePresence Products. Update or upgrade to version 1.10.7:3 or 6.1.4:4.
McAfee Network Security Manager: Secunia reports that McAfee has released updates for its Network Security Manager to fix a vulnerability. Update to version 8.1.7.3, 7.5.5.9, 7.1.15.7, 7.1.5.15, or 6.1.15.39.
OpenSSL Multiple Products: Secunia reports that vulnerabilities, some of which are moderately critical, are reported in previous versions. Update to version 0.9.8zb or update to version 1.0.0n or 1.0.1i.