Big Tech Rushing to Patch Vulnerabilities

September was a busy month for many tech companies as they rush to patch identified vulnerabilities.

Earlier this month Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors.

On Tuesday September 12 th Mozilla released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser.

According to the description on the National Vulnerability Database (NVD), the flaw could allow a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.

Even Google hasn’t been left alone. On September 11th they released out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild.

Apple Security Engineering and Architecture (SEAR) and the Citizen Lab at the University of Toronto Munk School have been credited with discovering and reporting the flaw on September 6, 2023.

The development comes the same day Apple expanded fixes to remediate CVE-2023-41064 for the below devices and operating systems:

  • iOS 15.7.9 and iPadOS 15.7.9 – iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
  • macOS Big Sur 11.7.10 and macOS Monterey 12.6.9

Ensuring your software is up to date can help protect your businesses from malicious attacks. If you have any doubts about your I.T security please reach out to Britec. Our seasoned team of professionals would be glad to assist you to ensure your business is protected.