Update Chrome, 0-Day Actively Being Exploited

No technical details, but it affects all versions of Chrome.  Update (Help->About Chrome) ASAP.


PDF Signatures Broken

You cannot trust PDF signatures.  Researchers have found a way to forge them.


New Thunderbolt Vulnerability, “Thunderclap”

The flaw allows full read/write access to memory which can be used for code execution.  All modern OSes and most hardwares (including Apple) are affected.


CloudBourne – Take Control of “Baremetal” Servers in the Cloud

By overwriting the server’s controller firmware, and installing their own, hackers can take control of physical servers hosted in vendor “clouds.”


Nvidia Patches Windows and Linux Drivers

Eight security issues in the graphics drivers could lead to system compromise.  Update your software.


Adobe Patches Reader

Adobe has released a patch for Acrobat Reader, update it if you use it.


Critical Flaw in Drupal 7 and 8, Update Now

A flaw could allow remote execution of user provided PHP code.  No technical details yet about CVE-2019-6340 but a patch has been released.

 


Apple Releases Fix for Facetime Group Bug

Apple has released an update to iOS that fixes the Facetime Group bug.


Critical Adobe Acrobat/Reader Patches

Adobe has released emergencies patches for Reader and Acrobat for Windows and MacOS.


Critical Flaw Found in Kubernetes

The first major flaw can lead to full compromised via unauthenticated (no username or password required) network connection.  No easy way to detect.  If you use Kubernetes for your containerized (yes, that’s a word) application deployment, you need to patch.