For this week of the month, you usually find me talking about the “calm before the storm.” This is not one of those months. Between new security releases from Adobe and Mozilla as well as a quiet re-release from Microsoft, it has been far from calm.

Before we get onto the highlights of the week, Bloomberg released a shocking article detailing an intentionally placed hardware vulnerability in common datacenter hardware. I wish I could do justice to the scope of this article, but it’s really an incredible study. The year 2018 was already set to go down as the year of hardware vulnerabilities thanks to Spectre, Meltdown, and Foreshadow, but this cements it in the record books.

Security Releases

Patch week came early for Adobe alongside a release for its Acrobat products. APSB18-30 remediates an impressive 86 vulnerabilities. Of these vulnerabilities, 48 are classified as Critical, with CVE-2018-15966 standing out from the pack. This vulnerability could allow an attacker to gain privileges on the system to potentially leverage further system exploits.

Adobe’s Security Bulletin covers all three supported branches of both Acrobat and Acrobat Reader, so be sure to include this common software in this upcoming patching cycle.

Mozilla also joined the party with releases for Firefox, Firefox ESR, and Thunderbird:

Microsoft Security Re-Release

Earlier this week, Microsoft released KB4463110 for Visual Studio 2015 to replace KB4456688, which was released for August Patch Tuesday remediating CVE-2018-0952. It appears that the vulnerability might not have been remediated completely, as no stability issues were mentioned in the new KB.

Third-Party Updates

These assorted updates might not have CVEs, but they may still have helpful stability fixes as well as undisclosed security fixes. These are the miscellaneous updates we released in our content for the week:

Bulletin title

Bulletin ID

KB

Audacity 2.3.0

AUDACITY-230

QAUD230

Evernote 6.15.4.7934

ENOT-012

QENOT61547934

FileZilla Client 3.37.3

FILEZ-079

QFILEZ3373

FileZilla Client 3.37.4

FILEZ-080

QFILEZ3374

GoodSync 10.9.10

GOODSYNC-096

QGS10910

Nitro Pro 12.5.0.268

NITRO-017

QNITRO1250268

Opera 56.0.3051.36

OPERA-185

QOP560305136

PDF-Xchange PRO 7.0.327.0

PDFX-025

QPDFX703270

Plex Media Player 2.20.0

PLXP-022

QPLXP2200

Slack Machine-Wide Installer 3.3.3

SMWI-028

QSMWI333

Splunk Universal Forwarder 7.2.0

SPLUNKF-030

QSPLUNKF720

TeamViewer 11.2.2150

TVIEW-038

QTVIEW1122150

TeamViewer 13.2.26558

TVIEW-039

QTVIEW132265580

Visual Studio 2017 version 15.8.6

MSNS18-1002-VS2017

QVS20171586

VMware Tools 10.0.12

VMWT-026

QVMT10012

WinRAR 5.61

WRAR-016

QWRAR561

More Patch Resources: