Security Alert - Urgent Web Browser Patches
A critical zero-day vulnerability in Google Chrome, Microsoft Edge, and Mozilla Firefox may lead to arbitrary code execution. The vulnerability is a heap buffer overflow in the encoding of VP8 video in the libvpx video codec library used by each browser. Google states this vulnerability is being actively exploited. Patch now. For Google Chrome: To check if your browser is updated, navigate to Settings > Help > About Google Chrome or chrome://settings/help in the address bar. If your Chrome browser is listed as 117.0.5938.132 or higher, you are protected. For Microsoft Edge: To check if your browser is updated, navigate to Menu > Help and Feedback > About Microsoft Edge, or edge://settings/help in the address bar. If your Edge browser is listed as 117.0.2045.47 or higher, you are protected. For Mozilla Firefox: To check if your browser is updated, navigate to Settings > Help > About Firefox. If your Firefox browser is listed as either Firefox 118.0.1 or higher, or Firefox ESR 115.3.1 or higher, you are protected. Users should apply the following updates: • Google Chrome: 117.0.5938.132 or higher • Microsoft Edge: 117.0.2045.47 or higher • Mozilla Firefox: 118.0.1 or higher • Mozilla Firefox ESR: 115.3.1 or higher Certified Desktop customers: • Windows: Patches will automatically be installed via SecTeer VulnDetect. • macOS: Patches for Google Chrome, Mozilla Firefox, and Mozilla Firefox ESR will be available today, Monday, October 2 with a deadline of approximately 4:00 pm on Tuesday, October 3. Users who do not have a managed computer and macOS Microsoft Edge users should check for updates and install them. References: Google Chrome Releases: https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html Release Notes for Microsoft Edge Security Updates: https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security Mozilla Foundation Security Advisory 2023-44: https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/ Ars Technica: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
College Ave between Campus Rd and the stone arch bridge will be reduced to one lane of traffic from Oct. 2 through Oct. 14, 2023, for bus stop paving and sidewalk repair. Bus stop locations will be relocated to College at Oak, SPAC, Sage, or Statler. Construction dates are subject to constant change (i.e. inclement weather, unexpected findings, etc.). Please use caution when traveling through a work zone.
Visit TCAT for service updates and alerts, or download one of the real-time transit apps to view vehicle locations and search for a stop, either by name or stop number.