July, 2016: Patch Monday: July Oracle CPU is Here

Welcome to the July Patch Monday Bulletin. This month delivers patches for Flash, Acrobat, Reader, XMP Tool Kit, Safari, iTunes, Chrome and Java. First up this month is Adobe Flash followed by Adobe Reader/Acrobat. Both of these applications are highly targeted and remediate potentially exploitable arbitrary code execution vulnerabilities. Applying these patches will remediate 82 vulnerabilities. Next, look at applying patches for Java. Java is a historically targeted application but there is relatively little known about the types of vulnerabilities affecting it at the moment. Test and apply the Chrome and Safari patches if these browsers are used throughout the environment. Finally, look for and patch iTunes in your environment. iTunes is not a typical corporate application but end users with admin rights may have installed it. It is important to inventory applications within your environment so that there is adequate patch coverage. For example, iTunes may not be an application that is deployed by default but it has the potential to be exploited if end users install it.

Dell Software empowers organizations of all sizes to experience Dell’s “power to do more” by delivering scalable yet simple-to-use solutions that can increase productivity, responsiveness and efficiency. Dell Software is uniquely positioned to address today’s most pressing business and IT challenges with holistic, connected software offerings across five core solution areas, encompassing data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, helps customers simplify IT, mitigate risk and accelerate business results.

So, without further ado, here's the chart of non-MS patches that affect Windows platforms in the past month.

Patch data provided by:


Advertisement

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation

CVE-2016-4216

Adobe XMP Toolkit

5.1.2 and earlier

7/12/2016

Information Disclosure

Priority 3: Update at admin’s discretion

Multiple CVE’s

Adobe Flash

Win/Mac 22.0.0.192 and earlier

Win/Mac ESR 18.0.0.360 and earlier

Linux 11.2.202.626 and earlier

7/12/2016

Arbitrary Code Execution, Denial of Service, Information Disclosure, Security Bypass,

Priority 1: Update as soon as possible

Multiple CVE’s

Adobe Acrobat/Reader

Acrobat/Reader DC Continuous 15.016.20045 and earlier

Acrobat/Reader DC Classic 15.006.30174 and earlier Acrobat/Reader XI

11.0.16 and earlier

7/7/2012

Arbitrary Code Execution, Denial of Service, Security Bypass

Priority 2: Update within 30 days

Multiple CVE’s

Apple Safari

Before 9.1.2

7/18/2016

Arbitrary Code Execution, Denial of Service, Information Disclosure, Spoofing

Update as soon as possible

Multiple CVE’s

Apple iTunes

Before 12.4.2

7/18/2016

Denial of Service, Information Disclosure

Update after testing

Multiple CVE’s

Google Chrome

Before 52.0.2743.82

7/20/2016

Denial of Service, Information Disclosure, Security Bypass, Spoofing, Security Bypass

Update after testing

Multiple CVE’s

Oracle Java

Java SE 6u115, 7u101, 8u92

7/19/2016

Confidentiality, Integrity, Availability

Update after testing

 


Send me this chart next Patch Tuesday.
Email:
We will not share your address. Unsubscribe anytime.