Atlassian Cloud Vulnerability
by Artie Kaye

Two flaws were discovered in the product Jira Align.  The first flaw could allow an attacker to retrieve credentials associated with the instance.  The second is an elevation of privileges, giving them highest available access.  The company has released an updated version of the software that addresses these security holes.  Patching to version 10.109.3 should ameliorate the issue.

https://bishopfox.com/blog/jira-align-advisory

https://www.darkreading.com/vulnerabilities-threats/atlassian-vulnerabilities-highlight-criticality-cloud-services

https://www.scmagazine.com/news/cloud-security/potentially-far-reaching-vulnerabilities-found-in-atlassians-jira-align-platform

Chrome Ending Support For Windows 7 and 8.1
by Artie Kaye

Google announced that with the end of Microsoft’s support of the operating systems in February of 2023, it will no longer be supplying updates for their browser on 7 or 8.1.  The old versions will still function on these operating systems, but no more security or bug fixes will be rolled out for them.  Changing to a supported version will help keep your system safe.

https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-1-in-early-2023?hl=en

https://www.androidauthority.com/chome-support-ending-windows-7-3224063/

https://www.bleepingcomputer.com/news/google/google-chrome-to-drop-support-for-windows-7-81-in-feb-2023/

Apple Device Patches
by Artie Kaye

Apple has released iOS 16.1 and iPadOS 16.  With these versions comes security updates as well, patching a zero-day flaw in their systems.  Update your devices when you can.

https://support.apple.com/en-us/HT213489

https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-used-in-attacks-against-iphones-ipads/