Overview
These security updates fix vulnerabilities that could allow a remote attacker to take control of an affected system or launch cyber-attacks.
Zyxel has released a security update to address a vulnerability in the NBG7510 home routers
Microsoft has released its December security updates for vulnerabilities in multiple Microsoft products. A Windows Smartscreen vulnerability is currently being exploited by threat actors.
Apple has released security updates that include a patch for an exploited vulnerability for iOS, iPadOS, Safari, tvOS, and macOS Ventura.
Samba released an update to address four vulnerabilities that could allow a privilege-escalation attack
VMware has released critical and important updates for ESXi, Workstation, Fusion, vRealize Network Insight, and Workspace One Access and Identity Manager.
Citrix released a critical vulnerability advisory relating to Citrix Gateway and Citrix ADC and Hypervisor. This Gateway and ADV vulnerability is known to be currently exploited by threat actors.
SAP – December’s security updates address vulnerabilities affecting multiple products
Recommended Actions
Users of these products are encouraged to review the appropriate security and advisory pages and apply the updates:
- Zyxel router – Security Advisory
- Microsoft – Update Guide
- Apple – Security Advisories
- Samba – Security Advisories
- VMWare – VMWare Security Advisories
- Citrix – Citrix Security Updates and Threat Hunting Guidance (published by the US National Security Agency)
- SAP – Security Patch Day document
If you have any concerns or have been affected by a cyber-related issue, please report it to us by submitting a Cyber Concerns Online Reporting Form.