Microsoft leaves critical bug unpatched on Patch Tuesday

Microsoft fixed bugs across a range of products on Patch Tuesday, issuing patches for 115 distinct CVEs, with 26 rated critical.

Does pasting a URL into a Chrome file upload dialog box (Windows process) have security issues?

When using Chrome, and I select a file for upload on a website that accepts files, a Windows dialog box appears to select a file.

I can then paste an http:// address for a file in the Windows dialog box, and explorer.exe then invokes a proc…

IE zero day and heap of RDP flaws fixed in February Patch Tuesday

Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”.

Patch now! Microsoft releases fixes for 99 security flaws, some being actively exploited by hackers

It’s one of the largest Patch Tuesday updates ever issued by Microsoft, and includes fixes for 12 security vulnerabilities that have been given the highest severity rating of “critical.”
The clock is ticking. IT teams should waste no…

Which vulnerabilities were most exploited by cybercriminals in 2019?

Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Table of top exploited CVEs between 2016 and 2019 (repeats are noted by color) Recorded Future researchers have analyzed code repositories, undergro…

This Week in Security: Chrome Speech bug, UDP Fragmentation, and the Big Citrix Vulnerability

A critical security bug was fixed in Chrome recently, CVE-2020-6378. The CVE report is still marked private, as well as the bug report. All we have is “Use-after-free in speech recognizer”. Are we out of luck, trying to learn more about this vulnerability? If you look closely at the private …

Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects

ACROS Security has released a micropatch that implements the workaround for a recently revealed actively exploited zero-day RCE flaw affecting Internet Explorer (CVE-2020-0674). Remote code execution vulnerability affecting IE Last Friday, Microsoft re…