Black Arrow Cyber Advisory 11 September 2024 – Microsoft Patch Tuesday, Adobe and Ivanti Security Updates
Executive summary
Microsoft’s September Patch Tuesday provides updates to address 79 security issues across its product range, including four actively exploited zero-day vulnerabilities and one publicly disclosed zero-day. In addition to the Microsoft updates this week also saw Adobe fix 28 vulnerabilities across various products, and Ivanti addressing several critical severity vulnerabilities in their Endpoint Manager product, and several high severity vulnerabilities in their Workspace Control and Cloud Security Appliance products.
What’s the risk to me or my business?
The actively exploited vulnerabilities could allow an attacker to compromise the confidentiality, integrity and availability of the affected applications and the organisations data on the affected systems.
What can I do?
Black Arrow recommends applying the available security updates for all supported versions of Windows, Adobe and Ivanti that are products impacted. The updates should be applied as soon as possible for the actively exploited vulnerability and all other vulnerabilities that have a critical severity rating.
Microsoft
Further details on other specific updates within this Microsoft patch Tuesday can be found here:
Adobe
Further details of the vulnerabilities in Adobe products can be found here under ‘Recent bulletins and advisories’:
https://helpx.adobe.com/security/security-bulletin.html
Ivanti
Further details of the vulnerabilities in Ivanti Cloud Service Appliance (CSA) can be found here:
Further details of the vulnerabilities in Ivanti Workspace Control (IWC) can be found here:
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Workspace-Control-IWC?language=en_US
Further details of the vulnerabilities in Ivanti Endpoint Manager (EPM) can be found here:
Need help understanding your gaps, or just want some advice? Get in touch with us.
#threatadvisory #threatintelligence #cybersecurity