Security News

Actively Exploited Windows Zero-Day Gets a Patch
2021-08-10 21:17

Microsoft has patched 51 security vulnerabilities in its scheduled August Patch Tuesday update, including seven critical bugs, two issues that were publicly disclosed but unpatched until now, and one that's listed as a zero-day that has been exploited in the wild. "Despite its CVSS rating of 9.9, this may prove to be a trivial bug, but it's still fascinating," said Dustin Childs of Trend Micro's Zero Day Initiative in his Tuesday analysis.

Microsoft Patch Tuesday, August 2021 Edition
2021-08-10 21:12

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. Microsoft said attackers have seized upon CVE-2021-36948, which is a weakness in the Windows Update Medic service.

Microsoft Patch Tuesday bug drought: No, it's not climate change or unexpected code quality improvements
2021-08-10 19:53

Now is the winter of our discontent made glorious summer by the fact that it's August and Patch Tuesday brings word of only 44 vulnerabilities in Microsoft's software. There's a bit of selective counting here however, given that Microsoft has been patching Edge's Chromium bugs separately.

Microsoft Patch Tuesday: Windows Flaw Under Active Attack
2021-08-10 18:16

The zero-day attacks against Microsoft's software products continue to pile up with a new warning from Redmond about a zero-day attack hitting a security defect in the Windows Update Medic Service. The Windows Update Medic Service is used to repair Windows Update components from damage so that Windows machines can continue to receive software updates.

Microsoft August 2021 Patch Tuesday fixes 3 zero-days, 44 flaws
2021-08-10 17:36

Today is Microsoft's August 2021 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 44 flaws, so please be nice to your Windows admins as they scramble to installed patches. Microsoft has fixed 44 vulnerabilities with today's update, with seven classified as Critical and 37 as Important.

Week in review: Clever Office 365 phishing, 2021 CWE Top 25, Patch Tuesday forecast
2021-08-08 08:00

Patch bypass flaw in Pulse Secure VPNs can lead to total compromiseThe patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found. Vulnerable TCP/IP stack is used by almost 200 device vendorsResearchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack TCP/IP stack, used in OT devices such as the extremely popular Siemens S7 PLCs. A look at the 2021 CWE Top 25 most dangerous software weaknessesThe 2021 Common Weakness Enumeration Top 25 Most Dangerous Software Weaknesses is a demonstrative list of the most common issues experienced over the previous two calendar years.

Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now
2021-08-07 16:53

Threat actors are now actively scanning for the Microsoft Exchange ProxyShell remote code execution vulnerabilities after technical details were released at the Black Hat conference. ProxyShell is the name for three vulnerabilities that perform unauthenticated, remote code execution on Microsoft Exchange servers when chained together.

Windows PetitPotam vulnerability gets an unofficial free patch
2021-08-06 18:13

A free unofficial patch is now available to block attackers from taking over domain controllers and compromising entire Windows domains via PetitPotam NTLM relay attacks. The PetitPotam attack vector that forces Windows machines to authenticate against threat actors' malicious NTLM relay servers using the Microsoft Encrypting File System Remote Protocol was disclosed last month by security researcher Gilles Lionel.

Cisco: Firewall manager RCE bug is a zero-day, patch incoming
2021-08-06 17:16

In a Thursday security advisory update, Cisco revealed that a remote code execution vulnerability in the Adaptive Security Device Manager Launcher disclosed last month is a zero-day bug that has yet to receive a security update. Cisco ADSM is a firewall appliance manager that provides a web interface for managing Cisco Adaptive Security Appliance firewalls and AnyConnect Secure Mobility clients.

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937)
2021-08-06 10:10

The patch for a vulnerability in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found. This new patch bypass vulnerability that could lead to remote code execution has been assigned a separate identification number and has been fixed by Ivanti Pulse Secure on Monday.