patch – Page 3 – WindowsTechs.com

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Posted on May 1, 2023 by Paul Ducklin

Just when we’d got used to three-numbered versions, such as “13.3.1”, here comes an update suffix, bringing you “13.3.1 (a)”… Continue reading Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused→

Double zero-day in Chrome and Edge – check your versions now!

Posted on April 24, 2023 by Paul Ducklin

Wouldn’t it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Continue reading Double zero-day in Chrome and Edge – check your versions now!→

Army helicopter crash blamed on skipped software patch

Posted on April 18, 2023 by Graham Cluley

The emergency ditching of an Australian military helicopter in the water just off a beach in New South Wales, has been blamed on the failure to apply a software patch.

Read more in my article on the Hot for Security blog. Continue reading Army helicopter crash blamed on skipped software patch→

Veeam Backup & Replication admins, get patching! (CVE-2023-27532)

Posted on March 10, 2023 by Zeljka Zorz

Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the fix as soon as possible. About CVE-2023-27532 The nature of CVE-2023-27532 has… Continue reading Veeam Backup & Replication admins, get patching! (CVE-2023-27532)→

Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)

Posted on February 17, 2023 by Zeljka Zorz

Cisco has released security updates for several of its enterprise security and networking products, fixing (among other things): A critical vulnerability (CVE-2023-20032) in the ClamAV scanning library used by its Secure Endpoint, Secure Endpoint Priva… Continue reading Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)→

Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)

Posted on November 29, 2022 by Zeljka Zorz

A pre-authentication RCE flaw (CVE-2021-35587) in Oracle Access Manager (OAM) that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerabilit… Continue reading Pre-auth RCE in Oracle Fusion Middleware exploited in the wild (CVE-2021-35587)→

Firefox fixes fullscreen fakery flaw – get the update now!

Posted on November 16, 2022 by Paul Ducklin

What’s so bad about a web page going fullscreen without warning you first? Continue reading Firefox fixes fullscreen fakery flaw – get the update now!→

Microsoft fixes many zero-days under attack

Posted on November 8, 2022 by Zeljka Zorz

November 2022 Patch Tuesday is here, with fixes for many vulnerabilities actively exploited in the wild, including CVE-2022-41091, a Windows Mark of the Web bypass flaw, and the ProxyNotShell MS Exchange vulnerabilities. Fixes to prioritize CVE-2022-41… Continue reading Microsoft fixes many zero-days under attack→

Chrome and Edge fix zero-day security hole – update now!

Posted on September 5, 2022 by Paul Ducklin

This time, the crooks got there first – only 1 security hole patched, but it’s a zero-day. Continue reading Chrome and Edge fix zero-day security hole – update now!→

Firefox 104 is out – no critical bugs, but update anyway

Posted on August 26, 2022 by Paul Ducklin

Two trust-spoofing bugs were the main culprits this month – but neither one was a zero-day. Continue reading Firefox 104 is out – no critical bugs, but update anyway→