Remote code execution vulnerabilities dominate this month’s security bulletin of warnings and patches. Source link
Tag: patch tuesday
Adobe Warns Windows, MacOS Users of Critical Acrobat and Reader Flaws
The critical-severity Adobe Acrobat and Reader vulnerabilities could enable arbitrary code execution and are part of a 14-CVE patch update. Source link
are you at risk? – Naked Security
Here’s the latest episode of our weekly Naked Security Live video series. By the way, if you want to ask questions in real time while we’re online, we’d love you to join in live – […]
Microsoft Fixes RCE Flaws in Out-of-Band Windows Update
The two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution. Source link
Creepy smartwatches, botnets and Pings of Death – Podcast – Naked Security
In this episode, we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft’s short-lived takedown of Trickbot, explain how to avoid the Windows “Ping of Death” bug, and (oh no!) find […]
News Wrap: Barnes & Noble Hack, DDoS Extortion Threats and More
From a cyberattack on Barnes & Noble to Zoom rolling out end-to-end encryption, Threatpost editors break down the top security stories of the week. Source link
Windows “Ping of Death” bug revealed – patch now! – Naked Security
Every time that critical patches come out for any operating system, device or app that we think you might be using, you can predict in advance what we’re going to say. Patch early, patch often. […]
October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug
There were 11 critical bugs and six that were unpatched but publicly known in this month’s regularly scheduled Microsoft updates. Source link
Critical Flash Player Flaw Opens Adobe Users to RCE
The flaw stems from a NULL Pointer Dereference error and plagues the Windows, macOS, Linux and ChromeOS versions of Adobe Flash Player. Source link
Microsoft Overhauls Patch Tuesday Security Update Guide
Microsoft announced a new Security Guide to help cybersecurity profession more quickly untangle relevant bugs in its monthly security bulletins. Source link
DHS Issues Dire Patch Warning for ‘Zerologon’
The deadline looms for U.S. Cybersecurity and Infrastructure Security Agency’s emergency directive for federal agencies to patch against the so-called ‘Zerologon’ vulnerability. Source link
Windows Exploit Released For Microsoft ‘Zerologon’ Flaw
Security researchers and U.S. government authorities alike are urging admins to address Microsoft’s critical privilege escalation flaw. Source link
Microsoft’s Patch Tuesday Packed with Critical RCE Bugs
The most concerning of the disclosed bugs would allow an attacker to take over Microsoft Exchange just by sending an email. Source link
Critical Adobe Flaws Allow Attackers to Run JavaScript in Browsers
Five critical cross-site scripting flaws were fixed by Adobe in Experience Manager as part of its regularly scheduled patches. Source link
Microsoft Out-of-Band Security Update Fixes Windows Remote Access Flaws
The unscheduled security update addresses two “important”-severity flaws in Windows 8.1 and Windows Server 2012. Source link
Citrix Warns of Critical Flaws in XenMobile Server
Citrix said that it anticipates malicious actors “will move quickly to exploit” two critical flaws in its mobile device management software. Source link
Critical Adobe Acrobat and Reader Bugs Allow RCE
Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader. Source link
Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update
The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs. Source link
Adobe Warns of Critical Flaws in Flash Player, Framemaker
Critical Adobe Flash Player and Framemaker flaws could enable arbitrary code execution. Source link
Update now! Windows gets another bumper patch update – Naked Security
After a flurry of zero-day vulnerabilities in recent editions, May’s Patch Tuesday finally gives Windows users a month off having to fix ‘big’ exploited or public flaws. The catch is it’s still one of the […]
Microsoft Addresses 111 Bugs for May Patch Tuesday
Important-rated EoP flaws make up the bulk of the CVEs; SharePoint continues its critical run with four worrying bugs. Source link
Update now! Windows zero day flaws fixed in Patch Tuesday – Naked Security
The COVID-19 pandemic might be causing delays to software schedules, but it’s not managed to stop Microsoft’s April Patch Tuesday update arriving on time this week. That’s just as well because the update’s star fixes […]
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns. Source link
Adobe Fixes ‘Important’ Flaws in ColdFusion, After Effects and Digital Editions
While Adobe’s regularly scheduled security updates were light this month, they fixed “important” severity vulnerabilities. Source link