Security News

Windows 10 KB5033372 update released with Copilot for everyone, 20 changes
2023-12-12 18:16

Microsoft has released the KB5033372 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes Copilot for Windows and nineteen other changes to the operating system. KB5033372 is a mandatory Windows 10 cumulative update containing the December 2023 Patch Tuesday security updates.

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
2023-12-12 06:44

Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently...

Apple emergency updates fix recent zero-days on older iPhones
2023-12-11 19:28

Apple has issued emergency security updates to backport patches for two actively exploited zero-day flaws to older iPhones and some Apple Watch and Apple TV models. Today, Apple addressed the zero-days in iOS 16.7.3, iPadOS 16.7.3, tvOS 17.2, and watchOS 10.2 with improved input validation and locking.

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
2023-12-08 09:23

WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable...

23andMe updates user agreement to prevent data breach lawsuits
2023-12-07 20:40

In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. 23andMe told BleepingComputer that the data was obtained through credential stuffing attacks to breach customer accounts.

Windows 10 Extended Security Updates Promised for Small Businesses and Home Users
2023-12-06 17:45

Microsoft's Extended Security Updates program doesn't replace all of those options; ESUs just provide the monthly security updates from Windows Update and only cover what Microsoft classifies as critical or important vulnerabilities, which means no fixes for security issues you can mitigate without Microsoft making changes to Windows. What's different this time is that individuals will be able to buy the annual ESU subscription for their Windows 10 PCs. How can I get Extended Security Updates for Windows 10?

Microsoft will offer extended security updates for Windows 10
2023-12-06 13:04

Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates, but will have to pay for them. "The ESU program enables PCs to continue to receive critical and important security updates through an annual subscription service after support ends. To be eligible to install updates from the ESU program, devices must be running Windows 10, version 22H2," Microsoft says.

Microsoft to let Windows 10 home users buy Extended Security Updates
2023-12-05 18:00

Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. The upcoming Windows 10 22H2 version is the final Windows release, with all editions to continue to receive monthly security updates until the EOS date.

Windows 11 KB5032288 update improves Copilot, fixes 11 bugs
2023-12-04 23:01

Microsoft has released the KB5032288 November 2023 Windows 11 preview update with improvements for the Copilot AI assistant and almost a dozen bug fixes. Windows Copilot started rolling out to Windows 11 22H2 devices in September and now is enabled by default on systems running Windows 11 23H2. After installing the KB5032288 preview update, the company says the AI-powered digital assistant will be available across multiple displays and will also show up as a thumbnail preview in the Alt+Tab dialog.

December Android updates fix critical zero-click RCE flaw
2023-12-04 19:37

Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution bug. "The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation," the advisory explains.