Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Threatpost
Posts tagged "patch"
Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
Two separate campaigns from different threat actors targeted users with the same exploit kit for more than a month before the company fixed an RCE flaw found in February.
Threatpost
Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
Threatpost
RCE Bugs in Hugely Popular VoIP Apps: Patch Now!
The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that’s found in a massive number of VoIP implementations.
Threatpost
RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!
The flaws are in the ubiquitous open-source PJSIP multimedia communication library, used by the Asterisk PBX toolkit that’s found in a massive number of VoIP implementations.
Threatpost
Chrome Zero-Day Under Active Attack: Patch ASAP
The year’s 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.
Threatpost
No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day
This batch had zero critical CVEs, which is unheard of. Most (50) of the patches are labeled Important, so don’t delay to apply the patches, security experts said.
Threatpost
Third Log4J Bug Can Trigger DoS; Apache Issues Patch
The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI.
Threatpost
Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs
Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.
Threatpost
CISA Urges Sites to Patch Critical RCE in Discourse
The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazon’s Seller Central.