Please see Security Advisories for the week ending April 29, 2022
- Google Releases Security Updates for Chrome Browser
- Cisco Releases Security Updates for Multiple Products
- CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine
Google has released a new Chrome browser version 101.0.4951.41 for Windows, Mac, and Linux operating systems.
Google has patched 30 security vulnerabilities ranging from Low to High severity. These vulnerabilities include use-after-free, buffer overflow, out of bounds memory access, insufficient data validation.
An attacker who is able to successfully exploit some of these vulnerabilities could take control of the affected device.
Google recommends users update their Chrome browser to version 101.0.4951.41 or newer.
Additional information can be found in the link below.
Google Release Notes:
Cisco has released security updates to address vulnerabilities in multiple Cisco products.
The vulnerabilities reside in Cisco products from:
The Cisco vulnerabilities listed above range from an impact scope of medium to high.
An attacker could exploit some of these vulnerabilities to take control or damage an affected system.
CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.
CISA and the Federal Bureau of Investigation (FBI) have updated joint Cybersecurity Advisory AA22-057A: Destructive Malware Targeting Organizations in Ukraine.
threat actors deployed destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable.
Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. Further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries.
CISA and the FBI encourage organizations to review the update to AA22-057A as well as the Shields Up Technical Guidance webpage for ways to identify, respond to, and mitigate disruptive cyber activity.
For a more technical overview:
Shields Up Technical Guidance: