Podcast Detail

SANS Stormcast Thursday April 17th: Apple Updates; Oracle Updates; Google Chrome Updates; CVE News;

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9412.mp3

previous
Podcast Logo
Apple Updates; Oracle Updates; Google Chrome Updates; CVE News;
00:00

Apple Updates
Apple released updates for iOS, iPadOS, macOS, and VisionOS. The updates fix two vulnerabilities which had already been exploited against iOS.
https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Vulnerability/31866

Oracle Updates
Oracle released it quarterly critical patch update. The update addresses 378 security vulnerabilities. Many of the critical updates are already known vulnerabilities in open-source software like Apache and Nginx ingress.
https://www.oracle.com/security-alerts/cpuapr2025.html

Oracle Breach Guidance
CISA released guidance for users affected by the recent Oracle cloud breach. The guidance focuses on the likely loss of passwords.
https://www.cisa.gov/news-events/alerts/2025/04/16/cisa-releases-guidance-credential-risks-associated-potential-legacy-oracle-cloud-compromise

Google Chrome Update
A Google Chrome update released today fixes two security vulnerabilities. One of the vulnerabilities is rated as critical.
https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html

CVE Updates
CISA extended MITRE’s funding to operate the CVE numbering scheme. However, a number of other organizations announced that they may start alternative vulnerability registers.
https://euvd.enisa.europa.eu/
https://gcve.eu/
https://www.thecvefoundation.org/

no transcript found