Security updates available for Adobe, Chrome, Firefox, VMWare, and Zoom
Security updates are not just for enterprises with a dedicated security team and a change-man 2026-7-16 10:47:22 Author: www.malwarebytes.com(查看原文) 阅读量:3 收藏

Security updates are not just for enterprises with a dedicated security team and a change-management calendar. For consumers and small businesses, they are one of the simplest ways to shut down known attack paths before criminals get a chance to use them.

That matters because attackers love these flaws. because browser bugs, code execution issues, authentication bypasses, and privilege-escalation problems can be turned into a foothold, a data theft opportunity, or a full system compromise if left unpatched.

If you only do one thing after reading a security advisory, make it this: update the affected software promptly, restart when required, and verify the version afterward.

Adobe

Adobe released a large batch of security updates covering ColdFusion, Commerce/Magento Open Source, and Experience Manager. The ColdFusion bulletin alone includes multiple critical flaws that could lead to arbitrary code execution.

The updates and instructions can be found on the pages we linked to.

Chrome

Google patched 15 security flaws in Chrome, including two critical use-after-free bugs in Ozone. The fixes are in Chrome 150.0.7871.124/.125, depending on platform.

You can find an explanation of the version numbering system and step-by-step instructions in our guide to how to update Chrome on every operating system.

Firefox

Mozilla fixed two critical Firefox flaws in Firefox 152.0.6, and it says public exploit code exists for both issues. One affects JavaScript/WebAssembly and the other involves DOM navigation and site isolation, which makes this more than routine housekeeping.

Users should update Firefox to version 152.0.6 as soon as possible. For most users this can simply be done by restarting the browser. If you see the “What’s new” tab, the update is complete.

VMWare

Broadcom released a fix for a critical authentication bypass in VMware Avi Load Balancer, tracked as CVE-2026-47865. The issue could allow a network-accessible attacker to reach the Avi Control Plane, which makes it especially important in environments that expose management services or rely on load balancers at the edge.

Updates and the instructions to apply them can be found in the Security Advisory.

Zoom

Zoom Security Bulletin ZSB-26014 covers a critical issue in Zoom Workplace for Windows, described as improper input validation. The public record identifies the issue as CVE-2026-53412.

For users, the action item is to update Zoom Workplace for Windows to the vendor-fixed release as soon as it is available in your environment. For small businesses, that means updating not just the app on employee laptops, but also any centralized deployment package so the old build doesn’t come right back on the next install cycle.


CNET Editors' Choice Award 2026

“One of the best cybersecurity suites on the planet.” 

According to CNET. Read their review


About the author

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.


文章来源: https://www.malwarebytes.com/blog/bugs/2026/07/security-updates-available-for-adobe-chrome-firefox-vmware-and-zoom
如有侵权请联系:admin#unsafe.sh