OpenSSL has released update patching vulnerabilities. These updates address vulnerabilities that could potentially allow an attacker to cause a Denial of Service (DoS) condition or execute man-in-the-middle attacks.

The following updates are available:

• OpenSSL 1.0.1 users should upgrade to 1.0.1j
• OpenSSL 1.0.0 users should upgrade to 1.0.0o
• OpenSSL 0.9.8 users should upgrade to 0.9.8zc

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS. This update addresses the vulnerabilities that could allow an attacker to take control of the affected system.

Updates available include:

Chrome 38.0.2125.104 for Windows, Mac and Linux

Chrome OS 38.0.2125.108 for all Chrome OS devices except Chromeboxes

Users and administrators are encouraged to review the Google Chrome release blog entries 1 and 2 and apply the necessary updates.

The Mozilla Foundation has release a security updates to address multiple vulnerabilities in Firefox, Thunderbird and Firefox ESR. These updates address vulnerabilities that could allow an attacker to execute arbitrary code, obtain sensitive information, cause an exploitable crash, and conduct a man-in-the-middle attack.

The following updates are available:

• Firefox 33
• Firefox ESR 31.2
• Thunderbird 31.2

Users and administrators are encouraged to review the security advisories released from Mozilla Foundation for Firefox, Thunderbird and Firefox ESR to apply the necessary updates.

Adobe has released security updates for ColdFusion and Adobe Flash Player for both Windows, Linux and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to bypass IP address access control, perform the Cross-site scripting or Cross-site request and take control of the affected system.

The following updates are available:

• Adobe Flash Player desktop runtime for Windows and Macintosh should update to Adobe Flash Player 15.0.0.189.
• Adobe Flash Player Extended Support Release should update to Adobe Flash Player 13.0.0.250.
• Adobe Flash Player for Linux should update to Adobe Flash Player 11.2.202.411.
• Adobe Flash Player installed with Google Chrome, Internet Explorer 10 and Internet Explorer 11 will be automatically updated to the current version.
• Adobe AIR desktop runtime should update to version 15.0.0.293.
• Adobe AIR SDK and AIR SDK & Compiler should update to version 15.0.0.302.
• Adobe AIR for Android should update to Adobe AIR 15.0.0.293
• Adobe has released security hotfixes for ColdFusion versions 11, 10, 9.0.2, 9.0.1 and 9.0 for all platforms.

Users and administrators are encouraged to review the Adobe Security Bulletins APSB14-22 and APSB14-23 and apply the necessary updates.

Cisco has released a security advisory to address a vulnerability in Cisco Integrated Management Controller (Cisco IMC), SSH module of the Cisco Unified Computing System E-Series Blade servers could allow an unauthenticated, remote attacker to cause a denial of service condition.

Users and administrators are encouraged to review the Cisco Security advisory released to apply the necessary updates.