Security News

Apple has released Safari 15.6.1 for macOS Big Sur and Catalina to fix a zero-day vulnerability exploited in the wild to hack Macs. "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited," warns Apple in a security bulletin released today.

Apple just pushed out an emergency update for two zero-day bugs that are apparently actively being exploited. There's a remote code execution hole dubbed CVE-20220-32893 in Apple's browser and HTML rendering software, by means of which a booby trapped web page can trick iPhones, iPads and Macs into running unauthorised and untrusted software code.

Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. Google credits Ashley Shen and Christian Resell of its Google Threat Analysis Group for reporting the zero-day bug, which could allow for arbitrary code execution, on July 19.

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in the wild. CVE-2022-32894 is out-of-bounds write issue in the operating systems' kernel that can be exploited by a malicious application to execute arbitrary code with kernel privileges.

Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Today, Apple has released macOS Monterey 12.5.1 and iOS 15.6.1/iPadOS 15.6.1 to resolve two zero-day vulnerabilities that are reported to have been actively exploited.

The latest update to Google's Chrome browser is out, bumping the four-part version number to 104.0.5112.101, or to 104.0.5112.102. Chrome will probably update itself, but we always recommend checking anyway.

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on July 19, 2022.

Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including a zero-day flaw that is being exploited in the wild. The security update is currently rolling out for Windows, Mac and Linux.

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. It's worth noting that the 121 security flaws are in addition to 25 shortcomings the tech giant addressed in its Chromium-based Edge browser late last month and the previous week.

Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being exploited in the wild. The actively exploited Dogwalk bug was first reported to Microsoft in January 2020 by researcher Imre Rad. However, it wasn't until a separate researchers began tracking the exploitation of a flaw dubbed Follina that the Dogwalk bug was rediscovered.