VMware patches critical bug in Workspace ONE Access and vRealize
VMware warns of an authentication vulnerability that could allow hackers to gain administrator privileges. The vulnerability affects Workspace ONE Access, Identity Manager and vRealize Automation.
The vulnerability was dubbed CVE-2022-31656 and given a high-priority status. Administrators are ad... Read more
Patch Tuesday brings 84 new Microsoft fixes
Microsoft's latest Patch Tuesday produced no less than 84 fixes, including four critical vulnerabilities and one that's actively abused in the wild.
One of the fixes tackles a vulnerability that's actively abused by cybercriminals (CVE-2022-22047). Attackers are exploiting a privilege vulnerabi... Read more
Chrome 90 is here with seven vulnerabilities patched
Google has finally released Chrome version 90.0.4430.85 for Windows, Mac, and Linux. The release comes with seven security fixes. One of them is a zero-day vulnerability, which was exploited in the wild. The zero-day was assigned the identifier CVE-2021-21224.
Chrome’s technical program manage... Read more
Google provides patches for two Chrome Zero-Days under active exploit
Google has patched two zero-day vulnerabilities in the Chrome browser. This is the third time in two weeks that the company has had to fix a Chrome flaw under active exploit. A tweet on Monday from Ben Hawkes, the head of Google’s Project Zero’s vulnerability and exploit research section, confi... Read more
Oracle releases extremely large security update
Oracle released an extremely large security update today in a Critical Patch Update for many of its products and services. The company issued a total of 433 patches.
With the announced Critical Patch Update, Oracle releases a collection of patches for multiple security vulnerabilities. In this u... Read more
Microsoft patches 111 vulnerabilities in May’s Patch Tuesday
Microsoft started rolling out the May 2020 Patch Tuesday security updates. This month's Patch Tuesday is the third-largest in Microsoft's history after the company patched 115 bugs in March 2020 and 113 bugs in April 2020.
This month, the company patched 111 vulnerabilities in 12 different produ... Read more
Hackers are actively using zero-day exploits in WordPress
More than 35 percent of the websites run on WordPress. This huge attack surface is recently being attacked more by hackers, who are trying to exploit certain bugs in plugins. Some of these vulnerabilities are zero-day exploits, weaknesses that are unknown to the creators of the plugins.
Accordin... Read more
Oracle taps customers on the fingers because of negligence updates
Oracle recently released its quarterly set of patches to address vulnerabilities within its products. With the patches came a corresponding message, in which customers were urged, with some powerful words, to actually install the patches when they are available.
The reason for the reprimand to O... Read more
Citrix makes patches available for critical leaks
This morning, Citrix released the first patches for Citrix Application Delivery Controller (Citrix ADC) and Citrix Gateway, formerly known as NetScaler Gateway. These are patches for versions 11.1 and 12.0. More patches for other versions will follow later this week.
The problem with the Citrix ... Read more
Citrix ADC and Citrix Gateway waiting for patch after December leak
In December, a major security breach came to light in the Citrix Application Delivery Controller (Citrix ADC) and Citrix Gateway, formerly known as NetScaler Gateway. We are still waiting for a patch, while researchers are now warning that cyber criminals are actively looking for vulnerable Citrix ... Read more