VMware | Apache | Adobe | Microsoft

Advisory ID: 
JMCIRT-SA-2020.106 Part 1
Advisory Date: 
Friday, July 17, 2020
Advisory Description: 

VMware Releases Security Updates for Multiple Products
Original release date: July 10, 2020

VMware has released security updates to address a vulnerability in VMware Fusion, Remote Console, and Horizon Client. An attacker could exploit this vulnerability to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the VMware Security Advisory and apply the necessary updates.

Apache Releases Security Advisories for Apache Tomcat
Original release date: July 14, 2020

The Apache Software Foundation has released security advisories to address multiple vulnerabilities in Apache Tomcat. An attacker could exploit these vulnerabilities to cause a denial-of-service condition.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Apache security advisories for CVE-2020-13934 and CVE-2020-13935 and apply the necessary updates.


Adobe Releases Security Updates for Multiple Products
Original release date: July 14, 2020

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the following Adobe Security bulletins and apply the necessary updates:


Microsoft Addresses 'Wormable' RCE Vulnerability in Windows DNS Server
Original release date: July 14, 2020

Microsoft has released a security update to address a remote code execution (RCE) vulnerability—CVE-2020-1350—in Windows DNS Server. A remote attacker could exploit this vulnerability to take control of an affected system. This is considered a “wormable” vulnerability that affects all Windows Server versions.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Microsoft Security Advisory and Blog and apply the necessary updates.


Microsoft Releases July 2020 Security Updates
Original release date: July 14, 2020

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Jamaica Cyber Incident Response Team (JaCIRT) advises users and administrators to peruse the Microsoft July 2020 Security Update and Deployment Info and apply the necessary updates.


References
1. https://www.us-cert.gov
2. https://www.vmware.com/security/advisories/VMSA-2020-0017.html
3. http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3C...
4. http://mail-archives.us.apache.org/mod_mbox/www-announce/202007.mbox/%3C...
5. https://helpx.adobe.com/security.html
6. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2...
7. https://msrc-blog.microsoft.com/2020/07/14/july-2020-security-update-cve...
8. https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedet...
9. https://support.microsoft.com/en-us/help/20200714/security-update-deploy...