Cisco Patches Two Dangerous Zero-Day Vulnerabilities
The vulnerabilities, one of which was rated critical and one of which was rated highly severe, affect Cisco IOS XE software. Continue reading Cisco Patches Two Dangerous Zero-Day Vulnerabilities
Collaborate Disseminate
The vulnerabilities, one of which was rated critical and one of which was rated highly severe, affect Cisco IOS XE software. Continue reading Cisco Patches Two Dangerous Zero-Day Vulnerabilities
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good… Continue reading Apple pushes out iOS security update that’s more tight-lipped than ever
Kernel driver bugs often let crooks take over your entire system from even the weediest foothold. Continue reading Patch time! NVIDIA fixes kernel driver holes on Windows and Linux
The last Patch Tuesday of 2019 is finally here.
Adobe today released updates for four of its widely used software—including Adobe Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets—to patch a total of 25 new security vulnerabilities.
Seventee… Continue reading Adobe Releases Patches for ‘Likely Exploitable’ Critical Vulnerabilities
Microsoft released fixes Tuesday for a “wormable” remote code execution flaw reminiscent of the vulnerability that allowed WannaCry ransomware to propagate to computers around the globe in 2017. The Remote Desktop Services vulnerability, which Microsoft has rated as critical, could allow hackers to install programs, and view, change, or delete data. It requires no user interaction to work, meaning users don’t have to click on anything, such as a link, document, or message box, and attackers don’t need to run social engineering projects to dupe users. Microsoft took the unusual step of launching security updates for all users, including unsupported operating systems like XP and Windows 2003, due to the risk that the flaw can lead to self-propagating attacks. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the […]
The post Microsoft patches critical vulnerability comparable to WannaCry appeared first on CyberScoop.
Continue reading Microsoft patches critical vulnerability comparable to WannaCry
Taiwanese hardware manufacturer ASUS on Tuesday announced a software update in response to a nation-state-linked hack and downplayed the scale of the compromise of its supply chain. “Only a very small number of [a] specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted,” ASUS said in a press release. The statement contrasted with the findings of Kaspersky Lab researchers, who described the breach as perhaps “one of the biggest supply-chain incidents ever.” The attackers compromised an ASUS server to send malicious updates that affected about 1 million computer users between June and November 2018, according to the researchers, though only 600 appeared to be targeted for attack. ASUS accounted for 6 percent of global PC shipments in the third quarter of 2018, according to Gartner. The company also makes mobile phones, smart home devices, and other […]
The post ASUS issues patch, downplays scope of APT hack of its supply chain appeared first on CyberScoop.
Continue reading ASUS issues patch, downplays scope of APT hack of its supply chain
Websites based on the Drupal content management system might be affected by a highly critical vulnerability that could result in remote code execution. The vulnerability affects websites running Drupal 8 with RESTful Web Services (rest) module enabled… Continue reading Drupal Patches Highly Critical Remote Code Execution Vulnerability
Researchers have found another batch of malicious Android applications on Google Play that spam users with annoying full-screen ads and make using their phones difficult. Trend Micro calls the adware AndroidOS_HidenAd and found it inside 85 apps that … Continue reading 85 Android Adware Apps Downloaded 9 Million Times
Android’s November security bulletin is here and there’s more to patch, and more urgency about applying them. Continue reading Android November update fixes flaws galore
Drupal website owners have some important patching homework to do. Continue reading Patch now! Multiple serious flaws found in Drupal