Microsoft patches critical vulnerability comparable to WannaCry

Microsoft released fixes Tuesday for a “wormable” remote code execution flaw reminiscent of the vulnerability that allowed WannaCry ransomware to propagate to computers around the globe in 2017. The Remote Desktop Services vulnerability, which Microsoft has rated as critical, could allow hackers to install programs, and view, change, or delete data. It requires no user interaction to work, meaning users don’t have to click on anything, such as a link, document, or message box, and attackers don’t need to run social engineering projects to dupe users. Microsoft took the unusual step of launching security updates for all users, including unsupported operating systems like XP and Windows 2003, due to the risk that the flaw can lead to self-propagating attacks. “In other words, the vulnerability is ‘wormable,’ meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the […]

The post Microsoft patches critical vulnerability comparable to WannaCry appeared first on CyberScoop.

ASUS issues patch, downplays scope of APT hack of its supply chain

Taiwanese hardware manufacturer ASUS on Tuesday announced a software update in response to a nation-state-linked hack and downplayed the scale of the compromise of its supply chain. “Only a very small number of [a] specific user group were found to have been targeted by this attack and as such it is extremely unlikely that your device has been targeted,” ASUS said in a press release. The statement contrasted with the findings of Kaspersky Lab researchers, who described the breach as perhaps “one of the biggest supply-chain incidents ever.” The attackers compromised an ASUS server to send malicious updates that affected about 1 million computer users between June and November 2018, according to the researchers, though only 600 appeared to be targeted for attack. ASUS accounted for 6 percent of global PC shipments in the third quarter of 2018, according to Gartner. The company also makes mobile phones, smart home devices, and other […]

The post ASUS issues patch, downplays scope of APT hack of its supply chain appeared first on CyberScoop.

Drupal Patches Highly Critical Remote Code Execution Vulnerability

Websites based on the Drupal content management system might be affected by a highly critical vulnerability that could result in remote code execution. The vulnerability affects websites running Drupal 8 with RESTful Web Services (rest) module enabled…

85 Android Adware Apps Downloaded 9 Million Times

Researchers have found another batch of malicious Android applications on Google Play that spam users with annoying full-screen ads and make using their phones difficult. Trend Micro calls the adware AndroidOS_HidenAd and found it inside 85 apps that …

iOS 12 is here: these are the security features you need to know about

One year to the day after iOS 11 appeared, Apple yesterday released its replacement, iOS 12.

Six Critical Vulnerabilities in Adobe ColdFusion Get Patches

Adobe recently released a series of 11 security patches, including six rated critical, and urged Adobe ColdFusion users to start applying the updates ASAP. The security advisory mentions that the 2018 and 2016 versions of ColdFusion, as well as version…

Microsoft Fixes 17 Critical Vulnerabilities

Microsoft has released its monthly batch of security patches fixing 61 vulnerabilities across its products, including 17 that are rated critical and four that have been publicly disclosed. Four critical memory corruption vulnerabilities were patched i…

Microsoft Fixes 54 Vulnerabilities on July’s Patch Tuesday

Microsoft fixed 54 vulnerabilities across its products July 10 as part of its monthly patch cycle. Seventeen of those flaws are rated critical and three of them have been publicly disclosed before the patches were released. In terms of impact, nearly …