Mozilla | Microsoft | Cisco | Adobe | SAP | Google

Advisory ID: 
JMCIRT-SA-2020.162
Advisory Date: 
Sunday, November 15, 2020
Advisory Description: 

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Original release date: November 10, 2020

Mozilla has released security updates to address a vulnerability in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit this vulnerability to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Mozilla Security Advisory for Firefox 82.0.3, Firefox ESR 78.4.1 and Thunderbird 78.4.2 and apply the necessary updates.


Microsoft Releases November 2020 Security Updates
Original release date: November 10, 2020

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Microsoft November 2020 Security Update Summary and Deployment Info and apply the necessary updates.


Cisco Releases Security Update for IOS XR Software
Original release date: November 10, 2020

Cisco has released a security update to address a vulnerability in IOS XR Software for ASR 9000 Series Aggregation Services Routers. An unauthenticated, remote attacker could exploit this vulnerability to cause a denial-of-service condition.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Cisco Security Advisory and apply the necessary updates.


Adobe Releases Security Updates for Multiple Products
Original release date: November 10, 2020

Adobe has released security updates to address vulnerabilities in multiple products.  An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Adobe Security advisories for Adobe Connect and Adobe Reader for Android and apply the necessary updates.


SAP Releases November 2020 Security Updates
Original release date: November 10, 2020

SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. These include missing authentication check vulnerabilities affecting SAP Solution Manager (JAVA stack).

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the SAP Security notes and apply the necessary updates.

 

Google Releases Security Updates for Chrome
Original release date: November 12, 2020

Google has released Chrome version 86.0.4240.198 for Windows, Mac, and Linux. This version addresses CVE-2020-16013 and CVE-2020-16017. An attacker could exploit one of these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Google Chrome Release and apply the necessary updates.

 


References
1. https://www.us-cert.gov
2. https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/   
3. https://support.microsoft.com/en-us/help/20201110/security-update-deploy...
4. https://msrc.microsoft.com/update-guide/releaseNote/2020-Nov   
5. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...
6. https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html
7. https://helpx.adobe.com/adobe-connect/connect-downloads-updates.html
8. https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571 
9. https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-...