Here you will find all the articles with the tag: zero-day.
Apple is blocking the RSR update the company sent to iPhone, iPad and Mac yesterday. The update served to fix a zero-day in WebKit but caused problems downloading websites. Apple products are left vulnerable in the meantime. Apple further adds to its explanation of the issued Rapid Security Re... Read more
10 months ago
A new zero-day in WebKit is impacting iPhones, Mac devices and iPads. Suspecting the zero-day is being actively exploited, the company is pushing an update. Apple is implementing a Rapid Security Response (RSR) update on iPhones, iPads and Macs. "This Rapid Security Response provides important ... Read more
10 months ago
Hackers have once again found a way to break into WordPress accounts. This time, a zero-day in the Ultimate Member plugin grants access. Hackers can penetrate 200,000 WordPress websites through a zero-day in the Ultimate Member plugin. The plugin serves website visitors with a simple account re... Read more
10 months ago
According to Microsoft's planning, the entire bug fix process will take a year to complete. This week Ars Technica reported on Microsoft's latest plan to eliminate a serious vulnerability affecting the boot process on various types of Windows machines. The vulnerability can be exploited by a pie... Read more
11 months ago
Security researchers managed to discover as many as 27 zero-days in major enterprise software during the three days of the Pwn2Own Vancouver 2023 event. Zero-days were found in Windows 11, Ubuntu and macOS, among others, as well as in Oracle and VMware products and Tesla's firmware. The various ... Read more
1 year ago
Recent phishing attacks use a zero-day Windows vulnerability to drop the Qbot malware without displaying Windows' usual security warnings, BleepingComputer reports. When users download files from an 'untrusted' remote location, such as an Internet website or an email attachment, Windows adds a s... Read more
1 year ago
Microsoft confirms that cybercriminals are exploiting two zero-day vulnerabilities in Exchange Server 2013, 2016 and 2019. The vulnerabilities allow cybercriminals to conduct remote code execution attacks. The bugs were discovered by GTSC. The security company published a mitigation guide. The ... Read more
2 years ago
Google issued an update to the Stable channel of its Chrome browser on Wednesday containing a patch for a vulnerability currently in the wild. According to Google's alert, CVE-2022-2856 is a remedy for "insufficient validation of untrusted input in Intents." Intents often convey data from one pr... Read more
2 years ago
Cato Networks developed a workaround for a zero-day vulnerability recently found in Microsoft Office. Customers of Cato Networks are immune to the vulnerability. Cato Networks provides a Secure Access Service Edge service (SASE). The service has two components. First, it connects customers' appl... Read more
2 years ago
Microsoft squashes multiple vulnerabilities in its solutions. Among them is critical spoofing vulnerability CVE-2021-43890, frequently exploited for Emotet, Trickbot and Bazaloader attacks. Microsoft releases a December update fixing various vulnerabilities through no less than 67 patches. In No... Read more
2 years ago
