Update now! April’s Patch Tuesday includes a fix for one zero-day

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Adobe

Tags: Cisco

Tags: SAP

Tags: Mozilla

Tags: CVE-2023-28252

Tags: CVE-2023-28231

Tags: CVE-2023-21554

Tags: Word

Tags: Publisher

Tags: Office

One fixed vulnerability is being actively exploited by a ransomware gang and many others were fixed in this month’s Patch Tuesday updates.

(Read more…)

The post Update now! April’s Patch Tuesday includes a fix for one zero-day appeared first on Malwarebytes Labs.

Read more

Update now! February’s Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Apple

Tags: Adobe

Tags: SAP

Tags: Citrix

Tags: Cisco

Tags: Atlassian

Tags: Google

Tags: Mozilla

Tags: Forta

Tags: OpenSSH

Tags: CVE-2023-21823

Tags: CVE-2023-21715

Tags: OneNote

Tags: CVE-2023-23376

Tags: CVE-2023-21706

Tags: CVE-2023-21707

Tags: CVE-2023-21529

Tags: CVE-2023-21716

Tags: CVE-2023-23378

Tags: CVE-2023-22501

Tags: CVE-2023-24486

Tags: CVE-2023-24484

Tags: CVE-2023-24484

Tags: CVE-2023-24483

Tags: CVE-2023-25136

Tags: GoAnywhere

Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors

(Read more…)

The post Update now! February’s Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Read more

Update now! Two zero-days fixed in 2022’s last patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Android

Tags: Apple

Tags: Mozilla

Tags: Google

Tags: Sap

Tags: Citrix

Tags: Fortinet

Tags: Cisco

Tags: CVE-2022-44698

Tags: MotW

Tags: CVE-2022-44710

Tags: race condition

Tags: CVE-2022-44670

Tags: CVE-2022-44676

Tags: CVE-2022-41076

Tags: remote powershell

The last patch Tuesday of 2022 is here—find out what Microsoft and many others have fixed

(Read more…)

The post Update now! Two zero-days fixed in 2022’s last patch Tuesday appeared first on Malwarebytes Labs.

Read more

Cisco warns of ISE vulnerability with no fixed release or workaround

Categories: Exploits and vulnerabilities

Categories: News

Tags: Cisco

Tags: Identity Services Engine

Tags: AnyConnect VPN server

Tags: CVE-2022-20822

Tags: CVE-2022-20959

Tags: CVE-2022-20933

Tags: input validation

Cisco’s latest security advisory includes a vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) that could allow an attacker to read and delete files.

(Read more…)

The post Cisco warns of ISE vulnerability with no fixed release or workaround appeared first on Malwarebytes Labs.

Read more

Update now! Microsoft patches two zero-days

Categories: News

Tags: CVE-2022-37969

Tags: CVE-2022-23960

Tags: CVE-2022-35805

Tags: CVE-2022-34700

Tags: CVE-2022-34718

Tags: CVE-2022-34721

Tags: CVE-2022-34722

Tags: Microsoft

Tags: Adobe

Tags: Android

Tags: Apple

Tags: Cisco

Tags: Google

Tags: Samsung

Tags: SAP

Tags: VMWare

The September 2022 Patch Tuesday updates includes two zero-day vulnerabilities, one of which is known to be used in attacks

(Read more…)

The post Update now! Microsoft patches two zero-days appeared first on Malwarebytes Labs.

Read more

Update now! Microsoft fixes two zero-days in August’s Patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: MSDT

Tags: NFS

Tags: PPP

Tags: Exchange

Tags: CVE-2022-34713

Tags: CVE-2022-35743

Tags: DogWalk

Tags: CVE-2022-30134

Tags: CVE-2022-24477

Tags: CVE-2022-24516

Tags: CVE-2022-30133

Tags: CVE-2022-34715

Tags: Adobe

Tags: Cisco

Tags: Google

Tags: Android

Tags: SAP

Tags: VMWare

Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did.

(Read more…)

The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.

Read more

Patch now! Cisco VPN routers are vulnerable to remote control

Credit to Author: Pieter Arntz| Date: Sun, 07 Aug 2022 11:14:14 +0000

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers.

The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

Read more

Update now—July Patch Tuesday patches include fix for exploited zero-day

Credit to Author: Pieter Arntz| Date: Wed, 13 Jul 2022 12:21:53 +0000

July’s Patch Tuesday gives us a lot of important security updates. Most prominently, a known to be exploited vulnerability in Windows CSRSS.

The post Update now—July Patch Tuesday patches include fix for exploited zero-day appeared first on Malwarebytes Labs.

Read more

Update now! Microsoft releases patches, including one for actively exploited zero-day

Credit to Author: Pieter Arntz| Date: Wed, 11 May 2022 14:36:23 +0000

May’s Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones.

The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.

Read more

CISA list of 95 new known exploited vulnerabilities raises questions

Credit to Author: Pieter Arntz| Date: Mon, 14 Mar 2022 11:18:33 +0000

When CISA decided to add 95 known exploited vulnerabilities to its catalog in one day, we decided to do some digging.

The post CISA list of 95 new known exploited vulnerabilities raises questions appeared first on Malwarebytes Labs.

Read more