Critical Security Update: May 14, 2024 (Microsoft, Apple, Google, VMware, and AT&T)
Critical Security Update
Microsoft, Apple, Google, VMware, and AT&T
Risk 1: HIGH - URGENT
Issue: Microsoft has released a patch for a zero-day (known and published - so the bad guys know about it now, too) vulnerability. This is connected to malware named Qakbot. This vulnerability allows individuals to obtain remote access to your services - not just your screen, but the actual services running on your machine.
Resolution: A patch was released overnight - please apply the most recent Windows update immediately. The patches this week also fix over 60 other vulnerabilities.
Risk 2: HIGH - URGENT
Issue: Apple felt left out so they also announced a zero-day vulnerability connected to their Safari web browser kit - this is used by both their Safari web browser but also by many other apps that have web access. This was discovered during a recent hacking competition. This impacts potentially all Apple hardware and software.
Apple also patched several vulnerabilities for “older” iDevices, although a full list of which devices were patched was not released.
Resolution: The vulnerability has been patched so please update all of your Apple devices and applications immediately.
Risk 3: Medium
Issue: VMware (used for virtual machines and some remote access) has announced several exploit fixes as well for their entire platform.
Resolution: Please update your VMware solutions to apply this patch.
Risk 4: High
Issue: Google released an emergency fix for its Chrome web browser. This was tagged as an emergency update which typically means both remote access and data leak is possible.
Resolution: Please update all versions of Google Chrome on all platforms.
Risk 5: High
Issue: AT&T began delaying emails to/from Microsoft 365 over the concern of increased and unfiltered spam.
Resolution: There is no action for recovery. This is just an FYI.
Announced Data Breaches
Helsinki
Firstmac
The Post Millennial (news site)
Dell
Ascension
Ohio Lottery
Monday.com
Poland