Hi Micronet,

Here is a brief overview of the patch Tuesday updates. Microsoft released
13 bulletins of which 5 are rated critical. There are critical fixes with
the potential for remote code execution IE, Edge, Microsoft Word, Windows
Media Play, the font rendering library, and the Microsoft PDF library.

Adobe released three critical security updates  for Adobe Acrobat and
Reader with a priority rating of 2, meaning that there is a high risk, but
there is no known exploit yet. If you also use Adobe Digital Editions,
there is a critical fixe for that as well. All of these potentially involve
remote code execution, you should patch ASAP.  There was no Flash update
this month, but Adobe says one is coming soon.

Google releases and update to the stable channel version 49.0.2623.87 with
three security fixes rated high.

Mozilla released Firefox 45 with 8 critical and 7 high severity security
fixes .

If you run PuTTY, then you should also upgrade since the project released
version 0.67, which contains several security fixes and the installer and
executable are now signed. If you run WinSCP, you should patch that as well
due to both the PuTTY upgrades and the OpenSSL upgrades.

There were no security patches from Apple today.

Since it is always worth mentioning, the next Oracle quarterly Critical
Patch Update is April 19.

References:

2016 Bulletin Summaries
https://technet.microsoft.com/en-us/library/security/mt637780.aspx

Security Advisories 2016
https://technet.microsoft.com/en-us/library/security/mt631688.aspx

March 2016 Security Update Release Summary - Microsoft Security Response
Center - Site Home - TechNet Blogs
http://blogs.technet.com/b/msrc/archive/2016/03/08/march-2016-security-update-release-summary.aspx

March 2016 Office Update Release | Office Updates
https://blogs.technet.microsoft.com/office_sustained_engineering/2016/03/09/march-2016-office-update-release/

Office Updates
https://technet.microsoft.com/en-us/library/dn789213(v=office.14).aspx

March 2016 Microsoft Patch Tuesday Security Bulletins | Threatpost | The
first stop for security news
https://threatpost.com/microsoft-patches-critical-vulnerabilities-in-its-browsers/116664/

March 2016 Adobe Acrobat, Reader, Digital Editions Patches | Threatpost |
The first stop for security news
https://threatpost.com/adobe-patches-reader-and-acrobat-teases-upcoming-flash-update/116662/

Patch Tuesday March 2016 - Qualys Blog
https://blog.qualys.com/laws-of-vulnerabilities/2016/03/08/patch-tuesday-march-2016#more-22842

March Patch Tuesday 2016 | Shavlik
http://blog.shavlik.com/march-patch-tuesday-2016/

Microsoft Patch Tuesday - SANS Internet Storm Center
https://isc.sans.edu/mspatchdays.html?viewday=2016-03-08

Adobe Security Bulletin
https://helpx.adobe.com/security/products/acrobat/apsb16-09.html
Security Updates Available for Adobe Acrobat and Reader
Release date: March 3, 2016
Last updated: March 8, 2016
Vulnerability identifier: APSB16-09
Priority: 2
CVE Numbers: CVE-2016-1007, CVE-2016-1008, CVE-2016-1009
Platform: Windows and Macintosh

Adobe Security Bulletin
https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html
Security update available for Adobe Digital Editions
Release date: March 8, 2016
Vulnerability identifier: APSB16-06
Priority: 3
CVE number: CVE-2016-0954
Platform: Windows, Macintosh, iOS and Android

Chrome Releases: Stable Channel Update
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html

Firefox - Notes (45.0) - Mozilla
https://www.mozilla.org/en-US/firefox/45.0/releasenotes/

Security Advisories for Firefox - Mozilla
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45

Firefox 45 for developers - Mozilla | MDN
https://developer.mozilla.org/en-US/Firefox/Releases/45

Firefox 45: Find out what is new - gHacks Tech News
http://www.ghacks.net/2016/03/08/firefox-45-find-out-what-is-new/

PuTTY Change Log
http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

WinSCP :: Official Site :: Download
https://winscp.net/eng/download.php#notification

Thank you,
Ben Gross
Manager, Endpoint Engineering and Infrastructure
Information Services and Technology Division
University of California, Berkeley
bengr...@berkeley.edu
 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from 
its mailing list and how to find out about upcoming meetings, please visit the 
Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the 
list's archives can be browsed and searched on the Internet.  This means these 
messages can be viewed by (among others) your bosses, prospective employers, 
and people who have known you in the past.

ANNOUNCEMENTS: To send announcements to the Micronet list, please use the 
micronet-annou...@lists.berkeley.edu list.

Reply via email to