vulnerabilities – Page 13 – WindowsTechs.com

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Posted on August 12, 2024 by Ryan Naraine

The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.
The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek.
Continue reading Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains→

Posted on August 9, 2024 by Eduard Kovacs

CISA is warning organizations about abuse of Cisco Smart Install feature, as Cisco is notifying customers about critical phone vulnerabilities it’s not patching.
The post Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities appeared fir… Continue reading Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities→

Posted on August 8, 2024 by Ryan Naraine

CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.
The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek.
Continue reading CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug→

Posted on August 8, 2024 by Eduard Kovacs

Vulnerabilities found in solar power systems could have been exploited by hackers to cause disruption and possibly blackouts.
The post Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption appeared first on SecurityWeek.
Continue reading Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption→

Posted on August 7, 2024 by Eduard Kovacs

Researchers disclose the details of GhostWrite, a RISC-V CPU vulnerability that can be exploited to gain full access to targeted devices.
The post GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU appeared first on SecurityWeek.
Continue reading GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU→

Posted on August 7, 2024 by Ryan Naraine

Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
The post Windows Update Flaws Allow Undetectable Downgrade Attacks appeared first on SecurityWeek.
Continue reading Windows Update Flaws Allow Undetectable Downgrade Attacks→

Posted on August 7, 2024 by Eduard Kovacs

A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes.
The post Chrome, Firefox Updates Patch Serious Vulnerabilities appeared first on SecurityWeek.
Continue reading Chrome, Firefox Updates Patch Serious Vulnerabilities →

Posted on August 6, 2024 by Ryan Naraine

CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a “confluence” of vulnerabilities and testing gaps.
The post CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash appeared first on SecurityWeek.
Continue reading CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash→

Posted on August 6, 2024 by Eduard Kovacs

Microsoft paid out $16.6 million to over 340 security researchers through its bug bounty programs over the past year.
The post Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year appeared first on SecurityWeek.
Continue reading Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year→

Posted on August 6, 2024 by Eduard Kovacs

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks.
The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
Continue reading Google Patches Android Zero-Day Exploited in Targeted Attacks→