Here you will find all the articles with the tag: zero-day.
According to Microsoft's planning, the entire bug fix process will take a year to complete. This week Ars Technica reported on Microsoft's latest plan to eliminate a serious vulnerability affecting the boot process on various types of Windows machines. The vulnerability can be exploited by a pie... Read more
16 days ago
Security researchers managed to discover as many as 27 zero-days in major enterprise software during the three days of the Pwn2Own Vancouver 2023 event. Zero-days were found in Windows 11, Ubuntu and macOS, among others, as well as in Oracle and VMware products and Tesla's firmware. The various ... Read more
2 months ago
Recent phishing attacks use a zero-day Windows vulnerability to drop the Qbot malware without displaying Windows' usual security warnings, BleepingComputer reports. When users download files from an 'untrusted' remote location, such as an Internet website or an email attachment, Windows adds a s... Read more
6 months ago
Microsoft confirms that cybercriminals are exploiting two zero-day vulnerabilities in Exchange Server 2013, 2016 and 2019. The vulnerabilities allow cybercriminals to conduct remote code execution attacks. The bugs were discovered by GTSC. The security company published a mitigation guide. The ... Read more
8 months ago
Google issued an update to the Stable channel of its Chrome browser on Wednesday containing a patch for a vulnerability currently in the wild. According to Google's alert, CVE-2022-2856 is a remedy for "insufficient validation of untrusted input in Intents." Intents often convey data from one pr... Read more
10 months ago
Cato Networks developed a workaround for a zero-day vulnerability recently found in Microsoft Office. Customers of Cato Networks are immune to the vulnerability. Cato Networks provides a Secure Access Service Edge service (SASE). The service has two components. First, it connects customers' appl... Read more
12 months ago
Microsoft squashes multiple vulnerabilities in its solutions. Among them is critical spoofing vulnerability CVE-2021-43890, frequently exploited for Emotet, Trickbot and Bazaloader attacks. Microsoft releases a December update fixing various vulnerabilities through no less than 67 patches. In No... Read more
1 year ago
HP Wolf Security caught exploits of the zero-day CVE-2021-40444 a remote code execution vulnerability in the MSHTML browser engine that can be triggered by opening a malicious Microsoft Office document. The flaw was caught a week before a patch was released for it. The latest HP Wolf Security Th... Read more
2 years ago
Apple has warned iPhone and Mac users that it is aware of a zero-day bug under active exploit. The company thanked Google for spotting the bug, assigned CVE-2021-30869, which the world's largest ad company seems to have noticed since it impacts the WebKit browser engine. It is a serious flaw, as... Read more
2 years ago
The vulnerabilities affects Macs, iPhones, iPads and Watches. Apple released an urgent and critical security update for Mac, iPhone, iPad and Watch. The update comes after researchers with Citizen Lab discovered a zero-day, zero-click exploit from mercenary spyware company NSO Group. The spy... Read more
2 years ago
