Government of the Republic of Trinidad and Tobago
gov.tt

Securing the Nation's Digital Infrastructure

TTCSIRT-310.041520: TT-CSIRT ADVISORY – MICROSOFT RELEASES APRIL 2020 SECURITY UPDATES

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. TT-CSIRT encourages users and administrators to review Microsoft’s April 2020 Security Update Summary and Deployment Information and apply the necessary updates. Security Update Summary: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Apr Deployment Information: https://support.microsoft.com/en-us/help/20200414/security-update-deployment-information-april-14-2020

TTCSIRT-309.041520: TT-CSIRT ADVISORY – INTEL RELEASES SECURITY UPDATES

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain escalation of privileges. TT-CSIRT encourages users and administrators to review the following Intel advisories and apply the necessary updates or workarounds: Data Migration Software Advisory- INTEL-SA-00327 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00327.html PROSet/Wireless WiFi Software Advisory- INTEL-SA-00338 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00338.html Driver …

TTCSIRT-308.041520: TT-CSIRT ADVISORY – ORACLE CRITICAL PATCH UPDATE

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to the following …

TTCSIRT-307.041520: TT-CSIRT ADVISORY – VMWARE VREALIZE LOG INSIGHT VULNERABILITIES

Cross Site Scripting (XSS) and Open Redirect vulnerabilities exist in vRealize Log Insight due to improper Input validation; (CVE-2020-3953) and (CVE-2020-3954) respectively. VMware has evaluated the severity of these issues to be in the important and moderate severity ranges with the Cross Site Scripting vulnerability having a maximum CVSSv3 base score of 8.4 and Open …

TTCSIRT-306.041520: TT-CSIRT ADVISORY- ADOBE RELEASES SECURITY UPDATES FOR MULTIPLE PRODUCTS

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. TT-CSIRT encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates. ColdFusion: https://helpx.adobe.com/security/products/coldfusion/apsb20-18.html After Effects: https://helpx.adobe.com/security/products/after_effects/apsb20-21.html Digital Editions: https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html