Top

Tag: fix


Threats & Malware, Vulnerabilities

1.3 Million WordPress Websites Targeted by Attackers Looking for Old Vulnerabilities

June 9, 2020

Via: Hot for Security

A vast campaign targeting WordPress-based websites was identified by the Wordfence Firewall as it targeted 1.3 million pages, trying to leverage known plugins and theme vulnerabilities. WordPress is just one of the platforms used to create and deploy websites and, […]


Application security, Security

Facebook Fixes WhatsApp Group Chat Security Issue

December 18, 2019

Via: Dark Reading

Facebook has fixed a bug in its WhatsApp chat platform that gave attackers a way to send a malicious group-chat message capable of repeatedly crashing the entire application for all members of a targeted chat group. To regain access to […]


Threats & Malware, Vulnerabilities

Intel Fixes Dangerous Plundervolt Vulnerability

December 13, 2019

Via: Hot for Security

Intel has quickly released a fix for the new and already infamous Plundervolt vulnerability found in Intel 6th, 7th, 8th, 9th, and 10th generation processors, alongside Xeon Processor E3 v5 and v6, and Xeon Processor E-2100 and E-2200. Security researchers […]


Network security

Microsoft Fixes Windows Zero-Day on Lightest Patch Tuesday of 2019

December 11, 2019

Via: Dark Reading

This month’s batch of security updates addresses 36 CVEs, seven of which are rated Critical and one of which has been exploited in the wild. The last Patch Tuesday of 2019 is also Microsoft’s lightest of the year, with fixes […]


Threats & Malware, Vulnerabilities

Microsoft drops emergency Internet Explorer fix for actively exploited zero-day

September 24, 2019

Via: Help Net Security

Microsoft has unexpectedly released out-of-band security updates to fix vulnerabilities in Internet Explorer and Microsoft Defender. The IE zero-day bug is deemed “critical”, as it’s being actively exploited to achieve partial or complete control of a vulnerable systems. CVE-2019-1367 is […]


Vulnerabilities

Google Research: No Simple Fix For Spectre-Class Vulnerabilities

February 20, 2019

Via: Dark Reading

Chip makers’ focus on performance has left microprocessors open to numerous side-channel attacks that cannot be fixed by software updates – only by hard choices. Side-channel attacks such as the Spectre family of vulnerabilities are more widespread threat than previously […]


Mobile security, Vulnerabilities

Apple Fixes Multiple macOS, iOS Bugs Including a Quirky FaceTime Vulnerability

November 1, 2018

Via: Threat Post

Apple tackled a bevy of vulnerabilities across all its platforms Tuesday, including one that allowed a remote attacker to initiate a FaceTime call by exploiting a bug in some model iPhones, iPads, and iPad Air devices. The wide-ranging security fixes […]


Vulnerabilities

Android September 2018 Patches Fix Critical Flaws

September 10, 2018

Via: Security Week

Google has released its September 2018 security patches for Android, which resolves more than 50 vulnerabilities in the operating system. The September 2018 Android Security Bulletin is split into two parts, the 2018-09-01 security patch level, which resolves 24 bugs, […]


Mobile security, Vulnerabilities

Google Fixes Critical Android Vulnerabilities

July 6, 2018

Via: Security Week

Google this week released its July 2018 set of Android patches to address tens of vulnerabilities in the mobile operating system, including several rated as Critical. The Internet giant addressed 11 vulnerabilities as part of the 2018-07-01 security patch level, […]


Network security, Vulnerabilities

17 Zero-Days Found & Fixed in OPC-UA Industrial Protocol Implementations

May 11, 2018

Via: Dark Reading

Vulnerabilities in the framework used for secure data transfer in industrial systems were all fixed by March, says Kaspersky Lab. Researchers discovered 17 zero-day vulnerabilities in a popular framework for secure data transfer between clients and servers in industrial systems […]


Mobile security, Vulnerabilities

Severe Keyboard Flaws in LG Smartphones Allow Remote Code Execution

May 10, 2018

Via: Threat Post

LG has patched two severe vulnerabilities that reside in the default keyboard on all mainstream LG smartphones, including its flagship handsets; the flaws could be used to remotely execute code with elevated privileges. LG’s update also includes a fix for […]


Mobile security

Android’s March 2018 Patches Fix Critical, High Risk Flaws

March 6, 2018

Via: Security Week

Google has released its March 2018 set of security updates for Android to address numerous Critical and High severity vulnerabilities in the popular mobile operating system. The majority of the Critical vulnerabilities addressed this month could allow an attacker to […]


Vulnerabilities

Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips

February 28, 2018

Via: Threat Post

Intel has issued updated microcode to help safeguard its Broadwell and Haswell chips from the Spectre Variant 2 security exploits. According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and […]


Network security

Google disclosed Microsoft Edge security flaw before it’s fixed

February 19, 2018

Via: CSO Online

Google seems to be gunning for Microsoft again by going public with a vulnerability in Microsoft Edge before Microsoft could develop a patch. The flaw affects Microsoft’s Arbitrary Code Guard (ACG) which Microsoft described a year ago in a post […]


Vulnerabilities

Oracle Fixes Spectre, Meltdown Flaws With Critical Patch Update

January 17, 2018

Via: Security Week

Oracle on Tuesday released its first Critical Patch Update for 2018 to deliver 237 new security fixes across its product portfolio. Over half of the addressed vulnerabilities could be remotely exploited without authentication. As part of the January 2018 Critical […]


Vulnerabilities

Microsoft December Patch Tuesday Update Fixes 34 Bugs

December 13, 2017

Via: Threat Post

Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. […]


Cloud security

Amazon Promises Fix to Stop Key Service Hack

November 20, 2017

Via: Threat Post

Researchers at Rhino Security Labs identified a flaw in Amazon’s Key delivery service and Cloud Cam security camera that allows a rogue courier to tamper with the camera and knock it offline, making it appear no one is entering home, […]


Vulnerabilities

Microsoft Patches Critical Windows DNS Client Vulnerabilities

October 11, 2017

Via: Threat Post

Three critical Windows DNS client vulnerabilities were patched today by Microsoft, closing off an avenue where an attacker could relatively simply respond to DNS queries with malicious code and gain arbitrary code execution on Windows clients or Windows Server installations. […]


Vulnerabilities

Netgear Fixes 50 Vulnerabilities in Routers, Switches, NAS Devices

October 3, 2017

Via: Threat Post

Netgear recently issued 50 patches for its routers, switches, NAS devices, and wireless access points to resolve vulnerabilities ranging from remote code execution bugs to authentication bypass flaws. Twenty of the patches address “high” vulnerability issues with the remaining 30 […]


Vulnerabilities

Oracle Patches Apache Struts, Reminds Users to Update Equifax Bug

September 27, 2017

Via: Threat Post

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities, including a critical remote code execution vulnerability (CVE-2017-9805) that could let an attacker take control of an affected system, late last week. The Apache Software Foundation patched […]