From Google Chrome and Android OS to Zoom and Apple iOS, all have released significant security patches to fix urgent vulnerabilities. However, Microsoft has not been that successful with its patch fixes. Additionally, even Cisco, Nvidia, Zoom, and VMWare have released patches for serious flaws. Here are the details of some significant OS patches in May –
Firefox security update
In early May, Mozilla introduced the Firefox 100 with nine security fixes for the browser. However, some ethical hackers demonstrated how the new software was vulnerable to attackers. So, the company issued another update – Firefox 100.0.2, Firefox ESR 91.9.1, Firefox for Android 100.3, and Thunderbird 91.9.1.
Android’s security patches
Android’s May security update was a big one, fixing 36 vulnerabilities, including an issue already being exploited by attackers. Besides that, Android fixed 15 high-severity and one critical issue in Qualcomm components. In addition, it resolved two denial-of-service flaws in the system and three high-severity issues in MediaTek components. Additional vulnerabilities also got fixed by the May security patch in Google Pixel and Samsung devices. And so far, the Samsung Galaxy S22, Galaxy S22+, Galaxy S22 Ultra, the Galaxy Tab S8 series, the Galaxy Watch 4 series, and the Galaxy S21 series have received it.
Apple fixes multiple OS.
The Cupertino giant will soon announce iOS 16 at its WWDC next week. Hence, the recent update to its iOS 15-point in May is probably the last for that OS. However, the update included new features. In addition, the iOS and iPadOS 15.5 patches fixed 34 security flaws, with the one in iOS 15.5 fixing flaws in the Kernel and WebKit browser engine. And although there are no attacks due to the new security patches in iOS and iPadOS, it is best to update them. In addition, Apple warns users of macOS, tvOS, and WatchOS to update their devices ASAP.
Chrome 102 security update
Google Chrome’s May security patch fixed 32 critical and eight high-severity issues. Fortunately, none of them have been exploited yet. In early May, Google released 13 fixed in Chrome v101.0.4951.61 for Android.
Cisco, Nvidia, VMWare, and Zoom May updates
Cisco fixed high-severity issues — tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780 with the May security update.
In mid-May, Nvidia issued a security patch for its GPU display driver with ten vulnerabilities. The updates are available on Nvidia’s downloads website.
VMWare released fixes for multiple problems. In addition, the cloud provider warns users to apply the patches immediately as “the ramifications are serious” for some of the issues.
Zoom introduced version 5.10.0 to patch an issue discovered by security researchers at Google’s Project Zero in February.
Microsoft’s May patch that went awry
Meanwhile, Microsoft’s May Patch Tuesday was a disaster for anyone who installed it immediately. The company issued the security patches to fix 75 vulnerabilities, with eight being serious and three being exploited by attackers. And even though it fixed the issues, there were soon problems for some Microsoft users. Consequently, some users reported authentication failures after installing the latest updates. In addition, it affects users with Windows platforms, including Windows 11 and Windows Servers 2022. Thus, to fix this problem, Microsoft issues an out-of-band update for Windows 10 and 11. And also for Windows Server 2008, 2012, 2016, 2019, and 2022 on May 20. Lastly, users need to download the update from Microsoft’s update catalog.