March 12, 2024 at 08:21PM
Microsoft’s latest Patch Tuesday delivered 61 CVE-tagged vulnerabilities, including two critical bugs affecting Windows Hyper-V hypervisor. One is a remote code execution (RCE) flaw, while the other is a denial of service (DOS) vulnerability. Other high-severity flaws include a critical RCE in Open Management Infrastructure (OMI) and an elevation of privilege flaw in Microsoft Azure Kubernetes Service Confidential Containers. Adobe, Intel, AMD, SAP, Cisco, Google, and Fortinet also released security updates for various products and services, addressing a range of vulnerabilities.
Summary of the meeting notes:
Microsoft:
– 61 CVE-tagged vulnerabilities, none listed as under active attack or known to the public
– Two critical vulnerabilities affect Windows Hyper-V hypervisor, with CVSS ratings of 8.1 and 5.5
– Other high-rated vulnerabilities include OMI RCE vulnerability and Azure Kubernetes Service flaw
– Adobe: 56 vulnerabilities in various products with Experience Manager being the most affected
– Intel: 11 CVEs across hardware, firmware, and software with medium and high-severity flaws
– AMD: Addressed a race-condition bug and a side-channel attack vulnerability
– SAP: 12 new and updated Security Notes, including HotNews Notes addressing code injection vulnerabilities
– Cisco: Updated critical vulnerabilities in vManage software and Secure Client, along with other advisories
– Google Android: Addressed 38 flaws, including critical RCE and elevation of privilege vulnerabilities
– Fortinet: Released five security updates addressing vulnerabilities in various products, including FortiOS, FortiProxy, and FortiWLM MEA
Please let me know if you need further details or clarification on any specific points.