A massive security flaw discovered in Skype. Fix not coming anytime soon.

Credit to Author: Shriram Munde| Date: Wed, 14 Feb 2018 09:10:30 +0000

Quick Heal Security Labs has recently learned about a serious vulnerability in Skype’s update installer – that’s the bad news. The worse news is, Microsoft is not going to patch the vulnerability anytime soon as this would require the updater to go through a ‘large code revision’. What is this…

Read more

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets

Credit to Author: Shriram Munde| Date: Tue, 13 Feb 2018 12:07:22 +0000

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets Lenovo recently released an advisory, warning customers about two critical Broadcom vulnerabilities which impact 25 models of its popular ThinkPad lineup. The Broadcom Wi-Fi chipsets used by Lenovo ThinkPad devices are affected by the CVE-2017-11120 & CVE-2017-11121 vulnerabilities. Both these issues…

Read more

An analysis of an MS office document exploiting a zero-day flash player vulnerability (CVE-2018-4878)

Credit to Author: Quick Heal Security Labs| Date: Wed, 07 Feb 2018 13:59:42 +0000

Important update! Adobe Systems released a critical security update on 6.02.2017 to fix the vulnerability discussed in this post. We recommend you to apply the update immediately. Summary of the vulnerability CVE-2018-4878 is a use-after-free vulnerability present in Adobe Flash Player 28.0.0.137 and its earlier versions are being exploited in…

Read more

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

Credit to Author: Pradeep Kulkarni| Date: Sat, 03 Feb 2018 09:39:38 +0000

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe the in wild attack is targeted and it impacts limited windows users….

Read more

Adobe, Microsoft Patch Critical Cracks

Credit to Author: BrianKrebs| Date: Tue, 14 Nov 2017 23:12:32 +0000

It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday) — and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft’s 11 patch bundles fix more than four-dozen security holes in various Windows versions and Office products — including at least four serious flaws that were publicly disclosed prior to today. Meanwhile, Adobe’s got security updates available for a slew of titles, including Flash Player, Photoshop, Reader and Shockwave.

Read more

What is Bad Rabbit Ransomware and how can you stay safe?

Credit to Author: Rajib Singha| Date: Wed, 25 Oct 2017 10:52:50 +0000

On 24 October 2017 (Tuesday), a new ransomware was let loose on the Internet. It is known as Bad Rabbit and seems to bear similar characteristics to the infamous NotPetya ransomware. Victims of Bad Rabbit Organizations in Russia and Ukraine were the initial casualties of this ransomware – they include…

The post What is Bad Rabbit Ransomware and how can you stay safe? appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

Read more

Microsoft’s October Patch Batch Fixes 62 Flaws

Credit to Author: BrianKrebs| Date: Wed, 11 Oct 2017 14:18:40 +0000

Microsoft on Tuesday released software updates to fix at least 62 security vulnerabilities in Windows, Office and other software. Two of those flaws were detailed publicly before yesterday’s patches were released, and one of them is already being exploited in active attacks, so attackers already have a head start.

Read more

Adobe, Microsoft Plug Critical Security Holes

Credit to Author: BrianKrebs| Date: Wed, 13 Sep 2017 16:42:30 +0000

Adobe and Microsoft both on Tuesday released patches to plug critical security vulnerabilities in their products. Microsoft’s patch bundles fix close to 80 separate security problems in various versions of its Windows operating system and related software, including two vulnerabilities that already are being exploited in active attacks. Adobe’s new version of its Flash Player software fixes two flaws that malware or attackers could use to seize remote control over vulnerable computers with no help from users.

Read more

Flash Player is Dead, Long Live Flash Player!

Credit to Author: BrianKrebs| Date: Wed, 02 Aug 2017 16:17:05 +0000

Adobe last week detailed plans to retire its Flash Player software, a cross-platform browser plugin so powerful and so packed with security holes that it has become the favorite target of malware developers. To help eradicate this ubiquitous liability, Adobe is enlisting the help of Apple, Facebook, Google, Microsoft and Mozilla. But don’t break out the bubbly just yet: Adobe says Flash won’t be put down officially until 2020.

Read more