Multiple vulnerabilities have been discovered in Adobe Products, the most severe of which could allow for arbitrary code execution.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Date: 8 February 2021
On 5 February 2021 Ubuntu released Security Notices to address vulnerabilities in the Linux kernel affecting the following products:
Exploitation of these vulnerabilities could result in denial-of-service, data modification or access to sensitive information.
The Cyber Centre encourages users and administrators to review the following web links and apply the necessary updates.
Ubuntu Security Notice (USN-4711-1)
Ubuntu Security Notices
A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user rights on the system, exploitation of the vulnerability could have less impact than if it was configured with administrative rights.
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
On 2 February 2021 Google published a Security Advisory to address vulnerabilities in the following product:
Chrome for Desktop – versions prior to 88.0.4324.146
Stable Channel Update for Desktop
On 1 February 2021 SonicWall published an Alert to address a vulnerability in the following product:
Secure Mobile Access (SMA) 100 series – version 10.x
Urgent Patch Available for SMA 100 Series 10.x Firmware Zero-Day Vulnerability [Updated Feb. 3, 2 P.M. CST]