HackDig : Dig high-quality web security articles for hacker

Windows has a zero-day that won’t be patched for weeks

byJohn E DunnCybercriminals are exploiting two unpatched zero-day flaws affecting all supported versions of Windows, Microsoft has warned.The Remote Code Execution (RCE) vulnerabilities affect Adobe Type Manager (ATM) Library, the part of Windows that manages PostScript Type 1 fonts.For now, there are no CVE identifiers and the only confirmed details are in
Publish At:2020-03-25 09:06 | Read:152 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

Delayed Adobe patches fix long list of critical flaws

byJohn E DunnNotice anything missing from last week’s Microsoft Patch Tuesday?Obscured by a long list of Microsoft patches and some fuss about a missing SMB fix, the answer is Adobe, which normally times its update cycle to coincide with the OS giant’s monthly schedule.It’s mostly a practical convenience – admins and end-users get all the important cli
Publish At:2020-03-19 08:57 | Read:271 | Comments:0 | Tags:Adobe Microsoft Security threats Vulnerability Acrobat Reade

Microsoft’s Patch Tuesday updates for March 2020 fix 115 issues

Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues have been rated as critical severity. Microsoft’s Patch Tuesday updates for March 2020 address 115 vulnerabilities, 26 issues affecting Windows, Word, Dynamics Business Central, Edge, and Internet Explorer have been rated as critical severity. Microsoft’s Patch Tues
Publish At:2020-03-11 07:35 | Read:257 | Comments:0 | Tags:Breaking News Security Hacking information security news it

March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes

Following the unexpectedly long list of fixes included in last month’s Patch Tuesday, March brings an even longer one, albeit less eventful. A total of 115 vulnerabilities were fixed, 26 of which were identified as Critical as they could lead to remote code execution (RCE). 88 were classified as Important and included patches for various Windows components s
Publish At:2020-03-10 23:00 | Read:261 | Comments:0 | Tags:Vulnerabilities Patch Tuesday

IE zero day and heap of RDP flaws fixed in February Patch Tuesday

byJohn E DunnWeeks after the world first got wind of it, Microsoft has finally patched the Internet Explorer (IE) zero-day flaw the company said in January was being used in “limited targeted attacks”.The fix is part of the February Patch Tuesday update that features a record 99 security vulnerabilities including 12 marked as ‘critical’ and 87 ‘important’.Th
Publish At:2020-02-15 12:44 | Read:408 | Comments:0 | Tags:Adobe Internet Explorer Microsoft Operating Systems Vulnerab

Microsoft Patch Tuesday updates for February 2020 fix IE 0day flaw

Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet Explorer zero-day tracked as CVE-2020-0674 reportedly exploite
Publish At:2020-02-12 07:12 | Read:250 | Comments:0 | Tags:APT Breaking News Hacking Security CVE-2020-0674 Darkhotel h

February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities

The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even wider range of fixes that address a total of 99 vulnerabilities — including 12 classified as Critical, with the remaining 99 deemed Important. Only five of the vulnerabilities were made public before the patches were released; one of these was ra
Publish At:2020-02-11 21:00 | Read:342 | Comments:0 | Tags:Exploits Vulnerabilities LNK Patch Tuesday RDP Remote Deskto

January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs

2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified as Important) in this cycle. None of these vulnerabilities are known to be under attack at this time. The listed vulnerab
Publish At:2020-01-15 03:20 | Read:405 | Comments:0 | Tags:Exploits Vulnerabilities Microsoft Patch Tuesday

December Patch Tuesday: Vulnerabilities in Windows components, RDP, and PowerPoint Get Fixes

Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of patches, and the last Patch Tuesday of the 2010s was no different. Seven of the 36 patches were identified as Critical, 28 Important, and one Moderate. The vulnerabilities covered a wide variety of Microsoft products, including Windows, In
Publish At:2019-12-11 02:35 | Read:681 | Comments:0 | Tags:Vulnerabilities December Patch Tuesday Patch Tuesday

Microsoft November 2019 Patch Tuesday Reveals 74 Patches Before Major Windows Update

Following the relatively light list from last month, November proved to be a much more eventful month for Microsoft users. The November Patch Tuesday holds more fixes with a total of 74 patches, 13 of which were classified as Critical patches for remote code execution (RCE) vulnerabilities. The remaining majority were rated as Important and included patches
Publish At:2019-11-13 02:35 | Read:792 | Comments:0 | Tags:Vulnerabilities Microsoft Patch Tuesday

Adobe fixes 46 critical bugs in patchfest

byDanny BradburyAdobe patched a total of 82 vulnerabilities across a range of products on Tuesday, including 46 critical bugs.The lion’s share of the patches, which the company flagged on 11 October, came in a single advisory covering Acrobat and Acrobat Reader on the Windows and macOS platforms, extending back to the Classic 2015 versions.There were
Publish At:2019-10-17 06:05 | Read:594 | Comments:0 | Tags:Adobe Organisations Security threats Acrobat Acrobat Reader

Short October Patch Tuesday Includes Remote Desktop Client, Browser, and Authentication Patches

October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one cover
Publish At:2019-10-09 03:20 | Read:760 | Comments:0 | Tags:Vulnerabilities October 2019 Patch Tuesday Patch Tuesday

Microsoft patches two critical remote code execution (RCE) flaws that have been exploited in attacks

Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulner
Publish At:2017-06-14 02:05 | Read:3387 | Comments:0 | Tags:Breaking News Hacking Uncategorized critical remote code exe

Microsoft Addresses Zero-Day Vulnerability Ahead of Patch Tuesday

Due to its highly critical nature, a zero-day vulnerability (CVE-2017-0290) that exploits Microsoft Malware Protection Engine (MsMpEng) was addressed by the company in an out-of-band security update just before May’s patch Tuesday. Discovered and disclosed to Microsoft by Google Project Zero’s Natalie Silvanovich and Tavis Ormandy, this vulnerability a
Publish At:2017-05-13 14:15 | Read:3877 | Comments:0 | Tags:Exploits Vulnerabilities Patch Tuesday Vulnerability

April Patch Tuesday: Microsoft Patches Office Vulnerability Used in Zero-Day Attacks

One of the major updates for this month’s Patch Tuesday addresses CVE-2017-0199, a zero-day remote code execution vulnerability that allowed attackers to exploit a flaw that exists in the Windows Object Linking and Embedding (OLE) interface of Microsoft Office. This flaw is currently being exploited by the notorious DRIDEX banking trojan. Threat actors lever
Publish At:2017-04-16 14:45 | Read:3165 | Comments:0 | Tags:Vulnerabilities Patch Tuesday Vulnerability

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud