Webinar Library
Welcome to this August Patch Monday Bulletin. This month there were no known attacks on products being updated. There was a significant amount of Adobe products updated this month with numerous vulnerabilities so it would be an ideal time to take inventory of Adobe products in use within the corporate environment. The only priority 1 update is for Adobe Experience Manager which updates an Arbitrary Code Execution vulnerability. Review your environment to determine whether AEM is present and update. Follow up with either or both browser updates for Google Chrome and Mozilla Firefox. Review the remaining Adobe products and determine whether you need to update these products within your environment. Finally, update the 2 Apple products, iTunes and iCloud, if they are present.
Over the years we've had millions of visitors to UltimateWindowsSecurity.com. Every month we have thousands and thousands of visitors to our Security Log Encyclopedia which documents all of the Security Log event ID’s for Windows Server OS’s. Back in 2007 when SharePoint added auditing capability, I realized that my audience not only needed the event information from SharePoint but I also found a similar need in SQL Server and Exchange. So not only did I document the data but I also started to develop the means to extract that event data from these applications so that it’s accessible and useable to the end user. Some 8 years later and LOGbinder is continuing to grow as companies realize LOGbinder bridges the gap between these applications and their infosec team. Visit LOGbinder.com to download a free 30-day fully functional trial and see the security event data that you have literally been missing.
So, without further ado, here’s the chart of non MS patches this month.
Patch data provided by:
Identifier
Vendor/Product
Product Version Affected
Date Released by Vendor
Vulnerability Info
Vendor Severity / Our Recommendation
CVE-2019-8062
Adobe After Effects CC
16 and earlier
8/13/2019
Arbitrary Code Execution
Important Priority 3: Update at admin’s discretion
CVE-2019-7870
Adobe Character Animator
2.1 and earlier
CVE-2019-7931
Adobe Premiere Pro CC
13.1.2 and earlier
CVE-2019-7961
Adobe Prelude CC
8.1 and earlier
Multiple CVE’s
Adobe Creative Cloud Desktop
4.6.1 and earlier
Arbitrary Code Execution, Denial of Service, Privilege Escalation, Information Leakage
Critical Priority 2: Update within 30 days
Adobe Acrobat/Reader
macOS Continuous 2019.012.20034 and earlier
Windows Continuous 2019.012.20035
macOS Classic 2017 2017.011.30142 and earlier
Windows Classic 2017 2017.011.30143 and earlier
macOS Classic 2015
2015.006.30497 and earlier
Windows Classic 2015 2015.006.30498 and earlier
Arbitrary Code Execution, Information Disclosure
Important Priority 2: Update within 30 days
CVE-2019-7964
Adobe Experience Manager
6.5, 6.4
Remote Code Execution
Critical Priority 1: Update within 72 hours
Adobe Photoshop CC
19.1.8 and earlier
20.0.5 and earlier
Arbitrary Code Execution, Memory Leak
Critical Priority 3: Update at admin’s discretion
iCloud for Windows
Before 10.6
Before 7.13
7/23/2019
Arbitrary Code Execution, Information Disclosure, Cross Site Scripting
Update after testing
iTunes for Windows
Before 12.9.6
Google Chrome
Before 76.0.3809.132
8/26/2019
Use After Free, Information Disclosure, Security Bypass
CVE-2019-11733
Mozilla Firefox
Before Firefox 68.0.2/ESR 68.0.2
8/14/2019
Information Disclosure, Security Bypass
We will not share your address. Unsubscribe anytime. By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us.