Securing the Nation's Digital Infrastructure

This release consists of security updates for the following products, features and roles. .NET Core & Visual Studio HTTP.sys Internet Explorer Microsoft Accessibility Insights for Web Microsoft Bluetooth Driver Microsoft Dynamics Finance & Operations Microsoft Edge (Chromium-based) Microsoft Exchange Server Microsoft Graphics Component Microsoft Office Microsoft Office Access Microsoft Office Excel Microsoft Office SharePoint Microsoft …

WordPress 5.7.2 is now available. This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8. You can update to …

The Cybersecurity & Infrastructure Security Agency (CISA), National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) of the United States have released a Joint Cybersecurity Advisory (CSA) on Russian Foreign Intelligence Service (SVR) actors scanning for and exploiting vulnerabilities to compromise U.S. and allied networks, including national security and government-related systems. Specifically, SVR actors are …

Microsoft’s April 2021 Security Update mitigates significant vulnerabilities affecting on-premises Exchange Server 2013, 2016, and 2019. An attacker could exploit these vulnerabilities to gain access and maintain persistence on the target host. The Cybersecurity & Infrastructure Security Agency (CISA) strongly urges organizations to apply Microsoft’s April 2021 Security Update to mitigate against these newly disclosed vulnerabilities. …

Microsoft has released the Exchange On-premises Mitigation Tool (EOMT.ps1) that can automate portions of both the detection and patching process. Microsoft stated the following along with the release: “[the tool is intended] to help customers who do not have dedicated security or IT teams to apply these security updates. The United States of America’s Cybersecurity and Infrastructure …

Please be advised that SonicWall is announcing the availability of an SMA 100 series firmware 10.2.0.5-29sv update to patch a zero-day vulnerability on SMA 100 series 10.x code. All SMA 100 series users must apply this patch IMMEDIATELY to avoid potential exploitation. Affected SMA 100 Devices with 10.x Firmware that Require the Critical Patch: Physical Appliances: SMA 200, SMA 210, SMA 400, SMA …

Please be advised that Microsoft has released a security advisory to address a remote code execution vulnerability, CVE-2021-1647, in Microsoft Defender. A remote attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. TT-CSIRT is urging all entities (public and private) to download and install …

Please be advised that Microsoft has released January 2021 Security Updates which prevents remote attackers from exploiting vulnerabilities to gain control of affected systems. The following software will be updated: Microsoft Windows Microsoft Edge (EdgeHTML-based) Microsoft Office and Microsoft Office Services and Web Apps Microsoft Windows Codecs Library Visual Studio SQL Server Microsoft Malware Protection …