‘Wormable’ Flaw Leads January 2022 Patch Tuesday

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

Read more

Microsoft Patch Tuesday, December 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 14 Dec 2021 22:23:44 +0000

Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that that is already being actively exploited. But this month’s Patch Tuesday is being overshadowed by the “Log4Shell” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.

Read more

Microsoft Patch Tuesday, November 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 09 Nov 2021 20:39:07 +0000

Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today — potentially giving adversaries a head start in figuring out how to exploit them.

Read more

‘Trojan Source’ Bug Threatens the Security of All Code

Credit to Author: BrianKrebs| Date: Mon, 01 Nov 2021 04:23:36 +0000

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness.

Read more

Patch Tuesday, October 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 12 Oct 2021 19:52:09 +0000

Microsoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited in active attacks. This month’s Patch Tuesday also includes security fixes for the newly released Windows 11 operating system.

Read more

Microsoft Patch Tuesday, September 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 14 Sep 2021 21:00:42 +0000

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google’s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.

Read more

Microsoft Patch Tuesday, August 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 10 Aug 2021 21:12:58 +0000

Microsoft today released software updates to plug at least 44 security vulnerabilities in its Windows operating systems and related products. The software giant warned that attackers already are pouncing on one of the flaws, which ironically enough involves an easy-to-exploit bug in the software component responsible for patching Windows 10 PCs and Windows Server 2019 machines.

Read more

Microsoft Patch Tuesday, July 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Jul 2021 21:41:47 +0000

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. A half of dozen of the vulnerabilities addressed today are under active attack, according to Microsoft.

Read more