You Need to Update Google Android, Chrome, Windows, IOS and Zoom

May has been another busy month of security updates, with Google’s Chrome browser and Apple’s Android, Zoom and iOS operating system releasing patches to fix serious vulnerabilities.

Meanwhile, things didn’t go well for Microsoft, which was forced to release an out-of-band update after a disastrous Patch Tuesday during the month. And Cisco, Nvidia, Zoom and VMWare have all released patches for pressing flaws.

Here’s what you need to know.

Advertising

Apple iOS and iPadOS 15.5, macOS Big Sur 11.6.6, tvOS 15.5, watchOS 8.6

Apple is expected to announce iOS 16 at its Worldwide Developers Conference in June, with the iPhone maker likely releasing its last major iOS 15 point update in May. It came with new features, but iOS and iPadOS 15.5 also patched 34 security vulnerabilities, some of which are serious.

Security issues addressed in iOS 15.5 include flaws in the kernel, as well as the WebKit browser engine, according to Apple’s support page. Fortunately, none of the fixes released in iOS and iPad 15.5 are used in attacks, according to the company, but that doesn’t mean they won’t be if you don’t update now.

Meanwhile, macOS, tvOS, and Apple Watch users should update their devices as soon as possible, as Apple has also released an emergency update to fix an issue it says is already in use. in the attacks. The flaw in Apple AVD, tagged CVE-2022-22675, could allow an application to execute code with kernel privileges. Problems in the kernel are as serious as it gets, so it’s worth checking and updating your devices right away.

Microsoft Flubbed May Patch Tuesday

Microsoft’s May Patch Tuesday was a disaster for diligent companies that installed it immediately.

On May 10, the firm issued security updates fixing 75 vulnerabilities, eight labeled as serious and three that were being exploited by attackers. The issues fixed in May’s Patch Tuesday were significant, but soon there were issues for some Microsoft users, who reported authentication failures after installing the latest updates. This has impacted people using client and server Windows platforms and systems running all versions of Windows, including Windows 11 and Windows Server 2022.

In a bid to fix the issue, the company was forced to release an out-of-band update for Windows 10, Windows 11, and Windows Server 2008, 2012, 2016, 2019, and 2022 on May 20. The update will not install automatically, you need to download it from Microsoft update catalog.

Firefox 100.0.2

In early May, Mozilla released Firefox 100, including nine security patches for its Firefox browser, seven of which were rated as high severity. But later in May, ethical hackers at Pwn20wn in Vancouver were able to demonstrate how attackers could execute JavaScript code on devices running the latest Mozilla software. Mozilla fixes the issues in another update Firefox 100.0.2, Firefox ESR 91.9.1, Firefox for Android 100.3 and Thunderbird 91.9.1. Click on these update buttons.

Android

The May Android security update is significant, patching 36 vulnerabilities, including an issue already exploited by attackers. This exploited flaw is a privilege escalation bug in the Linux kernel known as “The Dirty Pipe.”

The flaw, which affects new Android devices running Android 12 and later, was disclosed by Google in February, but it took some time to reach the devices.

Leave a Comment