Security News
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of...
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. The auth bypass security flaw only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release.
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities. The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.
Intel on Tuesday issued an out-of-band security update to address a privilege escalation vulnerability in recent server and personal computer chips. The flaw, designated INTEL-SA-00950 and given a CVSS 3.0 score of 8.8 out of 10, affects Intel Sapphire Rapids, Alder Lake, and Raptor Lake chip families.
The U.S. Cybersecurity and Infrastructure Security Agency has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities catalog, based on evidence of active exploitation -.
Aqua Trivy open-source security scanner now finds Kubernetes security risksThe Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Sumo Logic discloses potential breach via compromised AWS credentialCloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday.
The October forecast for large numbers of CVEs addressed in Windows 10 and 11 and the recent record on the number fixed in Windows Server 2012 was spot on! Microsoft addressed 75 CVEs in Windows 11, 80 in Windows 10, and 61 in Server 2012 R2. While Server 2012 and Server 2012 R2 may be in good shape for the short term, please don't count on it for long, and don't forget they are moving into Extended Security Updates this month. Software updates across the board had been haphazard and happenstance until that second Tuesday in October 2003.
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. Fixes for the issues are available in the below versions -.
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8),...
Microsoft has made fresh commitments to harden the security of its software and cloud services after a year in which numerous members of the global infosec community criticized the company's tech defenses. The long and short of it is that Microsoft is pushing the big AI button a few more times, more deeply embedding the tech throughout its security operations and products.