Microsoft fixes Defender’s zero-day vulnerability on Patch Tuesday
Microsoft’s latest monthly security patches came out on Patch Tuesday, with the fix for Defender’s zero-day included. January's updates patch a total of 83 vulnerabilities, spread out over a wide range of Microsoft's products. They include cloud-based offerings, the Windows OS, Enterprise Serve... Read more
Project Zero discloses an active exploited Windows 10 vulnerability
Google’s project zero announced that hackers have been exploiting an active Windows 10 zero-day that is not likely to be patched soon. The patch will probably arrive in two weeks. Google’s longstanding policy about vulnerability involves giving Microsoft a seven-day deadline to fix the flaw, wh... Read more
Microsoft releases emergency update for Windows 10
Microsoft patched two bugs in the Windows Codec Library with an emergency update. According to Microsoft, these security bugs were not yet exploited.
The bugs, named CVE-2020-1425 and CVE-2020-1457, only affect Windows 10 and Windows Server 2019.
Attackers can use the bugs using a specially c... Read more
Microsoft will fix leak in Internet Explorer on February 11th
A critical security vulnerability has been found in Internet Explorer (IE). By exploiting this leak, criminals can remotely execute code on the system and even access it. The leak is already being abused, but a patch is still pending.
The security leak is located in the scripting engine of Inter... Read more
Cisco: ‘Densely dangerous error that can lead to remote attacks via advertisements’.
Cisco has plugged a serious security hole in the web-based user interface of its IOS XE software. The error makes everyone on the internet break into internal networks, without the need for a password. The company calls on people to install the patch as soon as possible.
Cisco IOS XE is the Linux-ba... Read more
Adobe solves critical errors in Flash, ColdFusion and Campaign with update
Adobe has made its monthly patch update available. The June update solves a handful of vulnerabilities in Flash, ColdFusion and Campaign Classic. These are problems that can lead to arbitrary code execution in the company's software.
Adobe Flash had only a single vulnerability that is now being res... Read more
Leak in Google Chrome shows problems in Google’s patch process
István Kurucsai, security researcher for Exodus Intelligence, has published proof-of-concept code for a vulnerability in Google Chrome that has not yet been plugged. The researcher wants to show that there are problems with Google's patch process.
The vulnerability - a remote code execution error... Read more
IBM closes critical vulnerabilities in Watson and analytics products
IBM has announced solutions to five vulnerabilities in Java runtime. The bugs make various versions of Watson Explorer and Watson Content Analytics vulnerable to all kinds of attacks, reports ZDNet. The company therefore speaks of critical leaks.
The most serious vulnerability, CVE-2018-2602, was al... Read more
Microsoft deploys solution to network and activation problems Windows 7 patch
After a round of routine security updates, part of patch Tuesday last week, several Windows 7 corporate environment administrators reported that network locations were suddenly inaccessible, and systems were recognized as illegitimate.
Updates KB4480970 and KB4480960 to Windows 7 scared system admin... Read more
Microsoft releases patch for zero-day in Windows
Yesterday it was Patch Tuesday for Microsoft. The company has solved 62 vulnerabilities in its software this month. Among the fixes there is also a solution for a zero-day vulnerability that was actively exploited. As of today, this is no longer possible with people who update their device.
Microsof... Read more