Security News
The above bugs impact QTS, the NAS operating system on QNAP devices, QuTScloud, the VM-optimized version of QTS, and QTS hero, a specialized version focused on high performance. QNAP has addressed CVE-2023-50361 through CVE-2023-50364 in a security update released in April 2024, in versions QTS 5.1.6.2722 build 20240402 and later, and QuTS hero h5.1.6.2734 build 20240414 and later.
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability for which an exploit exists in the wild.While the two Chrome zero days fixed in the past few days have been attributed to an anonymous researcher, this time around the reporters are known: Kaspersky threat researchers Vasiliy Berdnikov and Boris Larin.
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947,...
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. [...]
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. Chrome updates automatically when security patches are available.
Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild....
The D-Link EXO AX4800 router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable of speeds of up to 4800 Mbps and advanced features like OFDMA, MU-MIMO, and BSS Coloring that enhance efficiency and reduce interference.
For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days actively exploited by attackers. CVE-2024-30051 is a heap-based buffer overflow vulnerability affecting the Windows DWM Core Library that can be exploited to elevate attackers' privileges on a target system.
Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. Kaspersky security researchers discovered the vulnerability while investigating another Windows DWM Core Library privilege escalation bug tracked as CVE-2023-36033 and also exploited as a zero-day in attacks.
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days. The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four fixed on May 10th. To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5037771 cumulative update and the Windows 10 KB5037768 update.