Cisco | Apple | Google | Adobe | Microsoft | SAP

Advisory ID: 
JMCIRT-SA-2020.122
Advisory Date: 
Friday, August 14, 2020
Advisory Description: 

 

Cisco Releases Security Updates for Multiple Products
Original release date: August 6, 2020

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take obtain sensitive information.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the following Cisco Advisories and apply the necessary updates:


Apple Releases Security Updates for iCloud for Windows
Original release date: August 11, 2020

Apple has released security updates to address vulnerabilities in iCloud for Windows 7.20 (for Windows 7 and later) and 11.3 (for Windows 10 and later). An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Apple Security pages for iCloud 7.20 and iCloud 11.3 and apply the necessary updates.

Google Releases Security Updates for Chrome
Original release date: August 11, 2020

Google has released Chrome version 84.0.4147.125 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Chrome Release and apply the necessary updates.


Adobe Releases Security Updates
Original release date: August 11, 2020

Adobe has released security updates to address vulnerabilities affecting Adobe Acrobat, Reader, and Lightroom. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Adobe Security Bulletins APSB20-48 and APSB20-51 and apply the necessary updates.


Microsoft Releases Security Updates
Original release date: August 11, 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse Microsoft’s August 2020 Security Update Summary and Deployment Info and apply the necessary updates.


Microsoft Addresses RCE and Spoofing Vulnerabilities Under Active Exploitation
Original release date: August 11, 2020

Microsoft has released security updates to address two vulnerabilities—CVE-2020-1380 and CVE-2020-1464—that are being actively exploited. CVE-2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11, and CVE-2020-1464 is a spoofing vulnerability that affects multiple Windows products. An attacker could exploit these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse Microsoft’s Security Advisories for CVE-2020-1380 and CVE-2020-1464 and apply the necessary updates.


SAP Releases August 2020 Security Updates
Original release date: August 11, 2020

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes a cross-site scripting vulnerability (CVE-2020-6284) in NetWeaver (Knowledge Management)

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse SAP Security Notes and apply the necessary updates.


References
1. https://www.us-cert.gov
2. https://tools.cisco.com/security/center/publicationListing.x
3. https://support.apple.com/en-us/HT211294
4. https://support.apple.com/en-us/HT211294
5. https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-...
6. https://helpx.adobe.com/security.html
7. https://support.microsoft.com/en-us/help/20200811/security-update-deploy...
8. https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedet...
9. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
10.https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
 11.https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552603345