Security News

January 2024 Patch Tuesday forecast: A Focus on Printing
2024-01-05 06:09

This article aims to provide a quick summary of some of the latest trends, announcements, and changes associated with IT patch operations while looking at the upcoming Patch Tuesday and what software updates to expect. December 2023 Patch Tuesday provided the smallest set of updates in recent memory.

New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
2023-12-15 11:02

Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on...

Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
2023-12-13 05:50

Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are...

Final Patch Tuesday of 2023 goes out with a bang
2023-12-13 00:41

Of these, four are rated critical - including three remote code execution vulnerabilities and one spoofing bug - and 29 important. The only vulnerability listed as publicly disclosed in Microsoft's December patch party is a speculative leaks flaw in some AMD processors tracked as CVE-2023-20588 and first disclosed in August.

December 2023 Patch Tuesday: 33 fixes to wind the year down
2023-12-12 20:12

Microsoft's December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. "This month, Microsoft did not patch any zero-day vulnerabilities, marking only the second time in 2023 that no zero-days were fixed," noted Satnam Narang, senior staff research engineer at Tenable.

Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
2023-12-12 19:00

Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. The total count of 34 flaws does not include 8 Microsoft Edge flaws fixed on December 7th. To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5033375 cumulative update and Windows 10 KB5033372 cumulative update.

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
2023-12-12 06:44

Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently...

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
2023-12-12 05:23

Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked...

December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance
2023-12-08 06:00

The good news for the rest of you is that December Patch Tuesday is usually light regarding CVEs reported. Exploitable across the internet, the vulnerability is ideal for a phishing exploit as it only requires the user to click on a malicious URL. A fix was included in the November Patch Tuesday updates and the CVE was reported as Known Exploited, but now it is Publicly Disclosed as well.

Atlassian fixes four critical RCE vulnerabilities, patch quickly!
2023-12-06 14:51

Atlassian has released security updates for four critical vulnerabilities in its various offerings that could be exploited to execute arbitrary code. CVE-2022-1471 is a deserialization flaw in the SnakeYAML library for Java that can lead to remote code execution.