Security News

Attackers are probing Citrix controllers and gateways through recently patched flawsSANS ISC's Dr. Johannes Ullrich spotted attackers attempting to exploit two of the Citrix vulnerabilities on his F5 BigIP honeypot. Exposing the privacy risks of home security camerasAn international study has used data from a major provider of home IP security cameras to evaluate potential privacy risks for users.

Despite these record CVE numbers, the actual number of updates have been down; we haven't seen Exchange or SQL Server updates in a while. Keep your eyes open on Tuesday to see if these CVEs show up in the cumulative monthly update.

Windows 10 users woke up to borked printers following the monthly Microsoft bugfix party, Patch Tuesday. The timing is unfortunate since many Windows 10 users are now working from home and relying on directly connected printers for remote working.

The lion's share of the bugs are rated important, but there are 11 CVEs rated critical. These are all bugs affecting Windows 10, and many also affected the latest 2004 build.

Microsoft today released software patches to plug at least 129 security holes in its Windows operating systems and supported software, by some accounts a record number of fixes in one go for the software giant. June marks the fourth month in a row that Microsoft has issued fixes to address more than 100 security flaws in its products.

The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. One of the bugs that was of particular interest to researchers was CVE-2020-1299, a remote code execution issue that arises when trying to load Windows shortcut files.

Microsoft has released patches for 129 vulnerabilities as part of its June Patch Tuesday updates - the highest number of CVEs ever released by Microsoft in a single month. Microsoft's June Patch Tuesday volume beats out the update from May, where it released fixes for 111 security flaws, including 16 critical bugs and 96 that are rated important.

Microsoft has fixed a record 129 CVE-numbered vulnerabilities in a wide variety of its offerings: Windows, the Internet Explorer and Edge browsers, Office and Microsoft Office Services and Web Apps, Windows Defender, Visual Studio, Azure DevOps, and more. "To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious cabinet file disguised as a printer driver," Microsoft explained.

5G adoption, security and worldwide market trendsWith 5G adoption ramping up all over the world, we sat down with Chris Pearson, President of 5G Americas, to learn more about the current 5G landscape. Zoom to offer end-to-end encryption only to paying customersAs Zoom continues on its path to bring end-to-end encryption to users, the big news is that only paid users will have access to the option.

May 2020 Patch Tuesday was pretty light on updates as predicted, so I'm expecting we'll see a more standard release of updates from Microsoft this month. These updates will be included in the regular patch Tuesday releases.