You Need to Update Windows and Chrome Right Now

The month of June has seen the release of multiple security updates, with important patches issued for the likes of Google's Chrome andAndroid as well as dozens of patches for Microsoft products, including fixes for a Windows zero day vulnerability that attackers had already exploited. At the time of writing, there were no Apple updates, but there were some enterprise-focused patches.

Major patches have been released in the last month.

There is a software company called Microsoft.

55 flaws in the tech giant's products were fixed in Microsoft's Patch Tuesday release. Since at least May, Microsoft has been aware of an RCE issue in Windows dubbed Follina, which was addressed in this Patch Tuesday.

Follina, which takes advantage of vulnerabilities in the Windows Support Diagnostic tool, has already been used by multiple criminal groups and state-sponsored attackers.

Three of the vulnerabilities addressed in Patch Tuesday affect Windows server. The patches seem to be breaking some connections.

It is possible to use the chrome browser.

The updates for the web browser, known as "Chrome", are coming thick and fast. The world's most popular browser is a big target for hackers. Some of the vulnerabilities that were patched in June of this year are serious.

The biggest flaw is a use-after-free issue in Base that could lead to arbitrary code execution, denial of service, or corruption of data. The flaw could lead to a full system compromise.

There are flaws in the V8 Javascript and WebAssembly engine as well as vulnerabilities in interest groups.

There is a mobile operating system called "Android."

A critical security vulnerability in the System component that could lead to remote code execution is the most severe of the multiple security issues patched in June.

The updates were released to fix issues in the media framework and system components.

The device maker rolled out its patches very quickly, which seems to have been good for users of the device. The June security update is applicable to the following: the S7 series, S21 series, S22 series, and the Z Fold 2.

There is a company called "Cisco." It is located in the state of California.

In June of this year, a patch was released to fix a critical vulnerability that could allow a remote attacker to gain access to a device.

If an attacker enters something specific on the login page of the affected device, it could be used to gain access to the web-based management interface.

It's called Citrix.

There are some major vulnerabilities that could allow attackers to reset admin passwords, and they need to be fixed by users. According to a security bulletin, the vulnerabilities in the application delivery management could cause the system to be corrupted by a remote user. The company wrote that the impact of this can include the reset of the administrator password at the next device restart.

Traffic from standard network traffic should be divided into two parts. The risk of exploitation is lessened by this. The vendor told customers to install the updated versions of the server and agent.

There is a company called "Saap."

Three of the 12 security patches released by the software company are serious. The first listed by the firm relates to an update that was released in April of last year. The patch should be applied immediately since it has a severity score of 10.

There is an issue in the NetWeaver and ABAP platform that could allow an attacker to execute a command from a remote client. There are three major patches that fix a privilege bug in the PowerDesigner Proxy.

Splunk is a software program for analyzing data.

Splunk has released some patches that fix issues that could lead to arbitrary code execution.

The flaw could allow an adversary to compromise a Universal Forwarder endpoint and execute code on other endpoints. There is no indication that the vulnerability has been used in a real world attack.

There is a plug-in for Ninja forms.

A serious issue that is probably being used by attackers in the wild has been fixed by Ninja Forms. There is a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes.

Researchers said this could allow attackers to execute code on sites with a separate POP chain.

The flaw has been fixed in all versions of the program. Your site may already be using one of the patched versions, because the plug-in appears to have been automatically updated.

There is a company named Atlassian.

A zero-day flaw that is being exploited by attackers has been fixed by Atlassian. The RCE vulnerability in the data center can be used to take over internet-exposed server

Git Lab.

There are important security fixes for eight vulnerabilities that could allow for account takeover.

It is recommended that all GitLab installations be upgraded to the latest version as soon as possible. There is a patched version of GitLab.com.