Patch Tuesday, August 2018 Edition

Credit to Author: BrianKrebs| Date: Wed, 15 Aug 2018 14:52:21 +0000

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two “zero-day” flaws that attackers were already exploiting before Microsoft issued patches to fix them.

Read more

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

Credit to Author: Prashant Kadam| Date: Wed, 16 May 2018 13:10:48 +0000

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions…

Read more

CVE-2018-8174: Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

CVE-2018-8174 : Windows VBScript Engine Remote Code Execution Vulnerability – An advisory by Quick Heal Security Labs

Credit to Author: Prashant Kadam| Date: Thu, 10 May 2018 11:50:17 +0000

The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows…

Read more

The A-Z dictionary of cybersecurity terms

Credit to Author: Rajib Singha| Date: Thu, 15 Mar 2018 11:30:50 +0000

Whether you are a normal user or a tech-guru, being aware of the computer security threats will help fortify your defense against them. So, here’s a handy A-Z dictionary of cybersecurity terms. Index A | B | C | D | E | F | I | K | L…

Read more

A massive security flaw discovered in Skype. Fix not coming anytime soon.

Credit to Author: Shriram Munde| Date: Wed, 14 Feb 2018 09:10:30 +0000

Quick Heal Security Labs has recently learned about a serious vulnerability in Skype’s update installer – that’s the bad news. The worse news is, Microsoft is not going to patch the vulnerability anytime soon as this would require the updater to go through a ‘large code revision’. What is this…

Read more

Microsoft Patch Tuesday, February 2018 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Feb 2018 21:13:27 +0000

Microsoft today released a bevy of security updates to tackle more than 50 serious weaknesses in Windows, Internet Explorer/Edge, Microsoft Office and Adobe Flash Player, among other products. A good number of the patches issued today ship with Microsoft’s “critical” rating, meaning the problems they fix could be exploited remotely by miscreants or malware to seize complete control over vulnerable systems — with little or no help from users.

Read more

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets

Credit to Author: Shriram Munde| Date: Tue, 13 Feb 2018 12:07:22 +0000

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets Lenovo recently released an advisory, warning customers about two critical Broadcom vulnerabilities which impact 25 models of its popular ThinkPad lineup. The Broadcom Wi-Fi chipsets used by Lenovo ThinkPad devices are affected by the CVE-2017-11120 & CVE-2017-11121 vulnerabilities. Both these issues…

Read more

Meltdown and Spectre: Quick Heal compatibility update

Credit to Author: Rajib Singha| Date: Tue, 09 Jan 2018 12:15:27 +0000

This is an important advisory for our readers about the recently discovered CPU exploits called Meltdown and Spectre. Product Compatibility: Microsoft had requested security ISVs (Independent Software Vendors) to perform testing with the January 3 update in order to ensure their products are compatible with the Microsoft update. Based on the…

Read more

What do we need to know about the CPU exploits Meltdown and Spectre?

Credit to Author: Quick Heal Security Labs| Date: Thu, 04 Jan 2018 13:02:09 +0000

What exactly is a vulnerability? A security vulnerability (also known as a security hole) is a security flaw detected in a product that may leave it open to hackers and malware. Using such vulnerabilities, attackers can exploit the affected system/product for their profit in various ways. What is an exploit? Exploits…

Read more

What do we need to know about the CPU vulnerabilities Meltdown and Spectre?

Credit to Author: Quick Heal Security Labs| Date: Thu, 04 Jan 2018 13:02:09 +0000

What exactly is a vulnerability? A security vulnerability (also known as a security hole) is a security flaw detected in a product that may leave it open to hackers and malware. Using such vulnerabilities, attackers can exploit the affected system/product for their profit in various ways. What is an exploit? Exploits…

Read more