Security News

Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!
2021-06-10 18:01

Microsoft's Patch Tuesday announcement was bad enough, with six in-the-wild vulnerabilities patched, including one buried in the vestiges of Internet Explorer's MSHTML web rendering code. It's been followed by Google's latest Chrome security advisory, which includes a zero-day patch to Chrome's JavaScript engine amongst its 14 officially listed security fixes.

Intel's latest patch set plugs some serious holes in CPU, Bluetooth, server, and – ironically – security lines
2021-06-09 12:15

Intel has pushed out a raft of security advisories for June, bringing its total discovered "Potential vulnerabilities" for the year to date to 132, only a quarter of which were reported by external contributors and the company's bug bounty programme. "Today we released 29 security advisories addressing 73 vulnerabilities," Intel's Jerry Bryant said of the company's latest updates.

Update Your Windows Computers to Patch 6 New In-the-Wild Zero-Day Bugs
2021-06-09 09:52

Microsoft on Tuesday released another round of security updates for Windows operating system and other supported software, squashing 50 vulnerabilities, including six zero-days that are said to be under active attack. The flaws were identified and resolved in Microsoft Windows,.

Extra urgency in June's Patch Tuesday: Microsoft warns six more bugs are being exploited
2021-06-09 00:21

Microsoft's traditional Patch Tuesday saw the software giant release fixes for 50 flaws, and a reminder to apply updates as soon as possible because six of them are being exploited in the wild by miscreants. A maliciously crafted webpage or some other file can execute arbitrary code on the machine when opened and parsed by MSHTML, which is "Used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control," according to Microsoft.

Microsoft Patch Tuesday Fixes 6 In-The-Wild Exploits, 50 Flaws
2021-06-08 21:45

Microsoft jumped on 50 vulnerabilities in this month's Patch Tuesday update, issuing fixes for CVEs in Microsoft Windows,. The six CVEs under active attack in the wild include four elevation of privilege vulnerabilities, one information disclosure vulnerability and one remote code execution vulnerability.

June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
2021-06-08 20:18

Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days. On this June 2021 Patch Tuesday, Microsoft has splatted 5 critical and 45 important bugs.

Microsoft June 2021 Patch Tuesday fixes 6 exploited zero-days, 50 flaws
2021-06-08 17:32

Today is Microsoft's June 2021 Patch Tuesday, and with it comes fixes for seven zero-day vulnerabilities and a total of 50 flaws, so Windows admins will be scrambling to get devices secured. Microsoft has fixed 50 vulnerabilities with today's update, with five classified as Critical and forty-five as Important.

Week in review: Kali Linux 2021.2, the human cost of understaffed SOCs, Patch Tuesday forecast
2021-06-06 08:00

Kali Linux 2021.2 released: Kaboxer, Kali-Tweaks, new tools, and more!Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. June 2021 Patch Tuesday forecast: Patch management is back in the spotlightEvery day you look in the security news, there are reports of new ransomware attacks.

Attackers are scanning for vulnerable VMware servers, patch now!
2021-06-04 18:23

Threat actors are actively scanning for Internet-exposed VMware vCenter servers unpatched against a critical remote code execution vulnerability impacting all vCenter deployments and patched by VMware ten days ago. Attackers have previously mass scanned for unpatched vCenter servers after security researchers published PoC exploit code for another critical RCE security flaw also affecting all default vCenter installs.

June 2021 Patch Tuesday forecast: Patch management is back in the spotlight
2021-06-04 06:24

June 2021 Patch Tuesday forecast We should see an uptick in the number of CVEs addressed this month in all the supported operating systems; after all, there are now fewer versions of Windows 10 to update. The Extended Security Updates for Windows 7 and Server 2008/2008 R2 will be released as usual.