[Have you patched these vulnerabilities in Google Chrome?]

Google Chrome decided to spook its users this Halloween by issuing an update that fixes 2 new use-after-free vulnerabilities "CVE-2019-13720" and "CVE-2019-13721", of which CVE-2019-13720 is already exploited in the wild. Use-after-free flaw, which in the least could result in a crash or could be leveraged by an attacker to run arbitrary codes or even enable remote code execution.

 

CVE-2019-13720 - affects the Chrome's audio component.

CVE-2019-13721-  affects the PDFium library.

 

Google also announced, "Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed."

 

Resolution:

To stay secure against the aforementioned vulnerabilities, kindly update your systems to the latest chrome version 78.0.3904.87 by deploying the following patches using Patch Connect Plus, an integration software for third-party patching for SCCM:

 

Patch ID:

311540 (64 bit) 

311539 (32 bit)

 

Happy patching! Stay secure!

[Have you patched Adobe's 82 out-of-band security updates?]

On the Tuesday after the Patch Tuesday this month, Adobe has released out-of-band security updates to patch a total of 82 security vulnerabilities across products listed below. 

• Adobe Acrobat and Reader

• Adobe Experience Manager

• Adobe Experience Manager Forms

• Adobe Download Manager

Of these 82 vulnerabilities, 45 are rated critical and if exploited, attackers can execute arbitrary code in the context of the current user.

If you're an SCCM admin, you can deploy these out-of-band security updates using Patch Connect Plus. You can search for the following PatchIDs from the console and deploy them to your endpoints.

 

Acrobat Reader DC Continuous :

PatchID : 311276

BulletinID : TU-072 

Patch Description : Adobe Acrobat Reader DC (Continuous Track) update - All languages (19.021.20047) (APSB19-49)

 

Acrobat DC Continuous :

PatchID : 311283

BulletinID : TU-137

Patch Description : Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (19.021.20047) (APSB19-49)

 

Acrobat DC Classic 2015 :

PatchID : 311277

BulletinID : TU-135

Patch Description : Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages (15.006.30504) (APSB19-49)

 

Acrobat Reader DC Classic 2015:

PatchID : 311282

BulletinID : TU-136

Patch Description : Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30504) (APSB19-49)

 

Acrobat DC Classic 2017 :

PatchID : 311284

BulletinID : TU-753

Patch Description : Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All languages (17.011.30150) (APSB19-49)

 

Acrobat Reader DC Classic 2017 :

PatchID : 311285

BulletinID : TU-754

Patch Description : Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30150) (APSB19-49)

 

Patch Connect Plus helps you manage over 200 third-party applications, along with Application management and Admin tools for improved productivity.
Get started with Patch Connect Plus now and maximize your SCCM utility! 

 

[[Free Webinar] Streamlining third-party patch management in SCCM]

Microsoft SCCM is an exemplary tool for managing Microsoft applications. But handling third-party applications isn't yet its game. Join our free webinar with Anoop C. Nair, Microsoft MVP, to learn why patching third-party applications is essential and how it can be streamlined in SCCM.

 

Please register here: https://www.manageengine.com/third-party-patching-webinar-with-MVP-Anoop

 

 

 

[Experience SCCM like never before. Third-party patching, application management, and admin tools for SCCM in a single package.]

Patch Connect Plus, a third-party add-on for SCCM, brings two new features - Application Management, and Admin Tools to make your SCCM experience comprehensive. 

Application Management:

1. Select your desired application that needs to be created in SCCM from a vast repository of applications

2. Customize the application deployment with custom scripts and pre-defined application templates

Admin Tools:

1. Access 25 of the most essential client management tools from SCCM console

2. Perform a wide range of functions like on-demand client operation, client troubleshooting, and system management actions

You can try the fully functional version free for 30 days! Drop a comment should you have any query. 

[Third-party custom catalogs for ConfigMgr 1806 & 1810]

Hey Windows Pros, 

I work as a tech-marketer for ManageEngine. We have some exciting news from Patch Connect Plus, which I thought will be valuable to you.

We have introduced "Standard edition" which offers third-party software catalogs to your SCCM 1806. These catalogs can also be used to publish to SCUP too. So if you'd like to avail a free trial and see how it works on your SCCM environment, you can get started here. 

Here's a list of applications supported: https://www.manageengine.com/sccm-third-party-patch-management/supported-applications.html

You can learn how to  add the third-party catalogs to SCCM from the video: 

 

You can write to sales@manageengine.com if you would like to avail an extension of the free trial(30 days default)/avail more applications under the Standard edition for catalogs. 

Happy to help.