Collaborate Disseminate
Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products.
The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on S… Continue reading Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days
No zero-days this month, so you’re patching to stay ahead, not merely to catch up! Continue reading Firefox 115 is out, says farewell to older Windows and Mac users
Ultimate Member plugin lets rogue users choose their own site capabilities, including becoming admins.
Continue reading WordPress plugin lets users become admins – Patch early, patch often!
Apple didn’t use the words “Triangulation Trojan”, but you probably will. Continue reading Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation… Continue reading VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them. Continue reading ASUS warns router customers: Patch now, or block all inbound requests
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” Akamai’s research team and Ben Barnea, the researcher who’s cred… Continue reading Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324)
A recently patched vulnerability (CVE-2023-21932) in Oracle Opera, a property management system widely used in large hotel and resort chains, is more critical than Oracle says it is and could be easily exploited by unauthenticated remote attackers to a… Continue reading Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)
Just when we’d got used to three-numbered versions, such as “13.3.1”, here comes an update suffix, bringing you “13.3.1 (a)”… Continue reading Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused
Wouldn’t it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Continue reading Double zero-day in Chrome and Edge – check your versions now!