As Patch Tuesday looms ahead, it’s worth looking back on how eventful the month of July has been. We’ve had security releases from nearly every major vendor between the Tuesdays. These vendors include Oracle, Wireshark, Foxit, Google, and Mozilla, with a grand total of 149 CVEs! July was a seriously dense month indeed.

If your patch cycle is limited to a monthly basis, the above third-party applications are currently vulnerable in your environment. Get these updates included on your next push to ensure your environments are as secure as possible.

Don’t forget to register for our Patch Tuesday Webinar for in-depth coverage and analysis!

Security Releases

Mozilla is rounding out the bunch with the release of Thunderbird 60. This update is currently only being offered as a direct download with the built-in updater not offering an upgrade path.

This release remediates 14 CVEs, with five classified as critical. Some of the vulnerabilities might look familiar, and you’d be right to think so. Nine of the vulnerabilities are shared with the previous 52.9 release, most likely due to Mozilla’s direct-download requirement. Notably, CVE-2018-5187 is a critical CVE shared with Firefox 61 where memory corruption could be used to run arbitrary code.

Here’s a list of the CVEs and their color-coded severity:

patch review screenshot

Further details are available on Mozilla’s security advisory page.

Third-Party Updates

As always, a series of third parties updated this week. Even though these updates do not have any CVEs, they may still have undisclosed security fixes as well as helpful stability fixes for your organization. Here are the updates we released in our content this week:

Bulletin Title

Ivanti ID

Ivanti KB

Bandicut 3.1.3

BANDICUT-008

QBCUT313

Google Chrome 68.0.3440.106

CHROME-232

QGC6803440106

Firefox 61.0.2

FF18-014

QFF6102

FileZilla Client 3.35.2

FILEZ-075

QFILEZ3352

GoodSync 10.9.6

GOODSYNC-092

QGS1096

Nitro Pro 12.1.0.195

NITRO-013

QNITRO1210195

Opera 54.0.2952.71

OPERA-178

QOP540295271

Microsoft Power BI Desktop 2.61.5192.541

PBID-036

QBI2615192541

Plex Media Player 2.16.0

PLXP-017

QPLXP2160

Skype 8.27.0.85

SKYPE-139

QSKY827085

VMWare Horizon Client 4.8.1

VMWH-006

QVMWH481

More Patch Resources: