With Patch Tuesday on the horizon, make sure to sign up for our Patch Tuesday Webinar where we recap all of the upcoming surprises that our monthly patching holiday brings!

Security news was ablaze this week with the latest speculative execution vulnerability announced. CVE-2019-1125, also known as the “SWAPGS” vulnerability, allows an attacker to steal information by reading from privileged memory that could include passwords, credentials, keys, or other critical data. The most interesting thing about this vulnerability is that you’ve probably already remediated against it without noticing! Microsoft secretly included this vulnerability within the July Patch Tuesday patches. Lastly, this vulnerability type is notorious for impacting performance. Phoronix has begun performing preliminary benchmarks on an Ubuntu machine. Fortunately, Phoronix found that the impact is minimal, but measurable.

Security Releases

Google Chrome once again pushed another release this week, bringing a total of three security releases between Patch Tuesdays. Version 76.0.3809.100 is reported to include four security fixes with two CVEs. The “high” severity vulnerability, CVE-2019-5868, details a “use-after-free” vulnerability where specially crafted content could be used to execute code on the system. Given the numerous releases this month, I wouldn’t expect a surprise release for Patch Tuesday, but who knows?

Third-Party Updates

Other third-party vendors have been busy this week with numerous non-security releases. While these releases are not associated with a CVE, they can include valuable stability fixes as well as undisclosed security fixes:

Software Title

Ivanti ID

Ivanti KB

Allway Sync 19.1.5

ALLSYNC-008

QALLSYNC1915

Box Sync 4.0.7965.0

BOXSYNC-023

QBOXSYNC4079650

Camtasia 2019.0.5

CAMTA-020

QCAMTASIA1905

Firefox ESR 68.0.1

FFE19-6801

QFFE6801

GoodSync 10.10.2

GOODSYNC-125

QGS101022

GoodSync 10.10.3

GOODSYNC-126

QGS101033

Node.JS 10.16.2 (LTS Upper)

NOJSLU-010

QNODEJSLU10162

Node.JS 12.8.0 (Current)

NOJSC-019

QNODEJSC1280

Opera 62.0.3331.116

OPERA-223

QOP6203331116

Plex Media Player 2.39.0

PLXP-043

QPLXP2390

TortoiseSVN 1.12.2

TORT-034

QTORT1122

VNC Viewer 6.19.715

VNCV-001

QVNCV619715

Free Whitepaper: What to do BEFORE all hell breaks loose