Microsoft fixes 74 bugs in its April, 2019 Patch Tuesday releases

Credit to Author: Yaniv| Date: Tue, 09 Apr 2019 21:28:38 +0000

There are 16 Microsoft bugs marked as critical, as well as serious flaws in Adobe Flash and Acrobat that require immediate attention<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/VAyR1kHbAYM” height=”1″ width=”1″ alt=””/>

Read more

¡Actualiza ya! Microsoft corrige otra vulnerabilidad día cero

Credit to Author: Naked Security| Date: Fri, 21 Dec 2018 14:22:49 +0000

Microsoft ha tenido que solucionar muchas vulnerabilidades día cero recientemente, incluidas la CVE-2018-8611 (corregida este mes) y las de noviembre CVE-2018-8589 y CVE-2018-8589. Ahora acaba de publicar un parche de emergencia que solucionaba una vulnerabilidad de ejecución de código remoto (RCE) día cero en el motor Jscript de Internet Explorer, que afecta a todas las [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/iA6rMAjTs6k” height=”1″ width=”1″ alt=””/>

Read more

CVE-2018-8174: Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

CVE-2018-8174 : Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

Flash, Windows Users: It’s Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 13 Mar 2018 19:36:28 +0000

Adobe and Microsoft each pushed critical security updates to their products today. Adobe’s got a new version of Flash Player available, and Microsoft released 14 updates covering more than 75 vulnerabilities, two of which were publicly disclosed prior to today’s patch release. The Microsoft updates affect all supported Windows operating systems, as well as all supported versions of Internet Explorer/Edge, Office, Sharepoint and Exchange Server. All of the critical vulnerabilities from Microsoft are in browsers and browser-related technologies, according to a post from security firm Qualys.

Read more

Drive-by download campaign targets Chinese websites, experiments with exploits

Credit to Author: Jérôme Segura| Date: Thu, 22 Feb 2018 16:00:00 +0000

This custom made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits.

Categories:

Tags:

(Read more…)

The post Drive-by download campaign targets Chinese websites, experiments with exploits appeared first on Malwarebytes Labs.

Read more

Attackers Exploiting Unpatched Flaw in Flash

Credit to Author: BrianKrebs| Date: Fri, 02 Feb 2018 14:21:06 +0000

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses. Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.

Read more

Adobe, Microsoft Patch Critical Cracks

Credit to Author: BrianKrebs| Date: Tue, 14 Nov 2017 23:12:32 +0000

It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday) — and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft’s 11 patch bundles fix more than four-dozen security holes in various Windows versions and Office products — including at least four serious flaws that were publicly disclosed prior to today. Meanwhile, Adobe’s got security updates available for a slew of titles, including Flash Player, Photoshop, Reader and Shockwave.

Read more

Microsoft, Adobe Ship Critical Fixes

Credit to Author: BrianKrebs| Date: Tue, 13 Jun 2017 19:47:31 +0000

Microsoft today released security updates to fix almost a hundred security flaws in its various Windows operating systems and related software. One bug is so serious that Microsoft is issuing patches for it on Windows XP and other operating systems the company no longer officially supports. Separately, Adobe has pushed critical updates for its Flash and Shockwave players, two programs most users would probably be better off without.

Read more

Keeping Browsing Experience in Users’ Hands, an Update…

Since we published the Keeping Browsing Experience in Users’ Hands blog in December 2015, we’ve received feedback from the ecosystem and engaged in discussions with the industry. Based on those discussions and feedback, we are making a couple of updates. We are broadening the scope of the evaluation criteria we blogged about to state: Programs…

Read more