zdi – WindowsTechs.com

Microsoft Patch Tuesday, May 2021 Edition

Posted on May 11, 2021 by BrianKrebs

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser. Continue reading Microsoft Patch Tuesday, May 2021 Edition→

Vulnerability Disclosure: Ethical Hackers Seek Best Practices

Posted on September 4, 2020 by Lindsey O'Donnell

Cybersecurity researchers Brian Gorenc and Dustin Childs talk about the biggest vulnerability disclosure challenges in IoT and the industrial vertical. Continue reading Vulnerability Disclosure: Ethical Hackers Seek Best Practices→

Zero Day Initiative Bug Hunters Rake in $1.5M in 2019

Posted on January 31, 2020 by Tara Seals

Microsoft OS flaws, out-of-bounds reads, ICS gear and a record number of high-severity bugs marked 2019 for the ZDI program. Continue reading Zero Day Initiative Bug Hunters Rake in $1.5M in 2019→

Researchers Warn of Microsoft Zero-Day RCE Bug

Posted on June 1, 2018 by Lindsey O'Donnell

A Microsoft Windows vulnerability enables remote attackers to execute arbitrary code – and there’s no patch yet. Continue reading Researchers Warn of Microsoft Zero-Day RCE Bug→

Foxit to Fix PDF Reader Zero Days by Friday

Posted on August 22, 2017 by Chris Brook

Foxit Software says it will fix two vulnerabilities in its PDF reader products that could be triggered through its JavaScript API to execute code. Continue reading Foxit to Fix PDF Reader Zero Days by Friday→

Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own

Posted on October 27, 2016 by Chris Brook

Hackers with Keen Team identified vulnerabilities in iOS 10.1 and Android Nougat at Mobile Pwn2Own this week. Continue reading Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own→

Foxit Patches 12 Vulnerabilities in PDF Reader

Posted on June 30, 2016 by Chris Brook

Foxit patched a dozen vulnerabilities in its PDF reader software this week, more than half of which could be used to directly execute arbitrary code on vulnerable installations of the product.

Continue reading Foxit Patches 12 Vulnerabilities in PDF Reader→

US-CERT to Windows Users: Dump Apple Quicktime

Posted on April 18, 2016 by BrianKrebs

Microsoft Windows users who still have Apple Quicktime installed should ditch the program now that Apple has stopped shipping security updates for the platform, warns the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT). The advice came just as researchers are reporting two new critical security holes in Quicktime that likely won’t be patched. Continue reading US-CERT to Windows Users: Dump Apple Quicktime→

Apple Deprecates QuickTime For Windows, Won’t Patch New Flaws

Posted on April 14, 2016 by Michael Mimoso

The Zero Day Initiative has publicly disclosed a pair of serious vulnerabilities in Apple QuickTime for Windows that will not be patched because Apple is deprecating the product. Continue reading Apple Deprecates QuickTime For Windows, Won’t Patch New Flaws→