Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of October 24 - 30. Sign up to get these updates right to your inbox!
Google released Chrome version 95.0.4638.69 for Windows, Mac and Linux, which addresses a vulnerability that could allow an attacker to take control of an affected system.
Sources: chromereleases.googleblog.com
Go continuous delivery (GoCD) released a security update due to a critical authentication vulnerability in certain versions of GoCD that could lead to an attacker acquiring sensitive information.
Sources: gocd.org
The ISC released a security advisory due to a denial-of-service vulnerability affecting multiple versions of the ISC Berkeley internet name domain (BIND).
Sources: kb.isc.org
Versions before 5.14.8 of the Linux kernel contain a use-after-free vulnerability that could be exploited to cause memory corruption and escalate privileges.
Sources: bugs.chromium.org
Cisco released security updates for multiple products that had vulnerabilities an attacker could exploit to take control of affected systems.
Sources: tools.cisco.com
The Homeland Security Systems Engineering and Development Institute released the 2021 CWE most important hardware weaknesses list, which explains common mistakes that lead to critical vulnerabilities that would allow attackers to take control of a system, acquire sensitive information or cause a denial-of-service.
Sources: cwe.mitre.org
Adobe released security updates for multiple Adobe products that had vulnerabilities an attacker could exploit to take control of affected systems.
Sources: helpx.adobe.com
Apple released security updates for eight products that had vulnerabilities an attacker could exploit to take control of the affected systems.
Sources: support.apple.com
