December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities.
Threatpost
Posts tagged "zeroday"
Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
Threatpost
Apple AirTag Zero-Day Weaponizes Trackers
Apple’s personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.
Threatpost
100M IoT Devices Exposed By Zero-Day Bug
A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more.
Threatpost
Actively Exploited Windows Zero-Day Gets a Patch
Microsoft’s August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and seven critical vulnerabilities.
Threatpost
Managing Zero-Day Exploits
There’s a trend toward supply chain attacks, meaning that the zero-day vulnerability could have far-reaching impacts for the company, its partners and customer. The Kayesa ransomware attack is the mos…
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases
The popular e-commerce platform for WordPress has started deploying emergency patches.
Threatpost
Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted
REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116.
Threatpost
HPE Fixes Critical Zero-Day in Server Management Software
The bug in HPE SIM makes it easy as pie for attackers to remotely trigger code, no user interaction necessary.
Threatpost
IOTW: A Massive Zero-Day Attack On Microsoft Exchange Users
It appears that a number of other state-sponsored and rogue hacking groups were tipped off to the vulnerability. Several additional hacking groups have recently been identified as taking advantage of…