Exploits and vulnerabilities – Page 13

Apple releases emergency updates for two known-to-be-exploited vulnerabilities

April 11, 2023 0 Comments Apple, cve-2023-28205, cve-2023-28206, Exploits and vulnerabilities, ios 16.4.1, iosurfaceaccelerator, ipados 16.4.1, macos 13.3.1, news, out-of-bounds write, use-after-free

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: iOS 16.4.1

Tags: iPadOS 16.4.1

Tags: macOS 13.3.1

Tags: CVE-2023-28206

Tags: CVE-2023-28205

Tags: use-after-free

Tags: out-of-bounds write

Tags: IOSurfaceAccelerator

Apple has released iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 for the iPhone, iPad, and Mac, respectively, and our advice is to install them as soon as possible.

MalwareBytes Security

Update Android now! Google patches three important vulnerabilities

April 5, 2023 0 Comments Android, cve-2022-38181, cve-2023-21085, cve-2023-21096, Exploits and vulnerabilities, Google, input validation, news, update, use-after-free

Categories: Android

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Android

Tags: update

Tags: CVE-2023-21085

Tags: CVE-2023-21096

Tags: CVE-2022-38181

Tags: Use-after-free

Tags: input validation

Google has released an Android update that fixes two critical remote code execution (RCE) vulnerabilities, and one vulnerability that has been exploited in the wild.

MalwareBytes Security

Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer

April 3, 2023 0 Comments Azure, cve-2023-23383, Exploits and vulnerabilities, Microsoft, news, rce, super fabrixss, vulnerability

Categories: Exploits and vulnerabilities

Categories: News

Tags: Azure

Tags: Microsoft

Tags: Super FabriXss

Tags: RCE

Tags: vulnerability

Tags: CVE-2023-23383

Researchers disclosed how they found a remote code execution vulnerability in Azure Service Fabric Explorer.

MalwareBytes Security

Update now! Apple fixes actively exploited vulnerability and introduces new features

March 30, 2023 0 Comments Apple, cve-2023-23529, emoji, Exploits and vulnerabilities, iOS, ipados, MacOS, news, studio display, tvOS, type confusion, watchOS

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: macOS

Tags: iOS

Tags: iPadOS

Tags: watchOS

Tags: tvOS

Tags: Studio Display

Tags: CVE-2023-23529

Tags: type confusion

Tags: emoji

Apple has released security updates and new features for several of its products, including a fix for an actively exploited vulnerability.

MalwareBytes Security

Google Pixel: Cropped or edited images can be recovered

March 22, 2023 0 Comments cve-2023-21036, Exploits and vulnerabilities, Google, markup, news, Pixel, png, recover, truncated

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Pixel

Tags: Markup

Tags: CVE-2023-21036

Tags: recover

Tags: PNG

Tags: truncated

A vulnerability in the Markup tool that comes pre-installed on Pixel phones allows anyone with access to the edited image to view parts of the original.

MalwareBytes Security

Update now! Microsoft fixes two zero-day bugs

March 15, 2023 0 Comments 2023, Adobe, Android, cve-2022-41328, cve-2023-23397, cve-2023-24880, cve-2023-26360, Exploits and vulnerabilities, fortinet, march, Microsoft, news, Patch Tuesday, sap

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: March

Tags: 2023

Tags: Microsoft

Tags: Adobe

Tags: Fortinet

Tags: Android

Tags: SAP

Tags: CVE-2023-23397

Tags: CVE-2023-24880

Tags: CVE-2023-26360

Tags: CVE-2022-41328

This Patch Tuesday, Microsoft has released fixes for two actively exploited zero-days and Adobe has fixed one.

(Read more…)

The post Update now! Microsoft fixes two zero-day bugs appeared first on Malwarebytes Labs.

MalwareBytes Security

Clop ransomware is victimizing GoAnywhere MFT customers

March 14, 2023 0 Comments clop, cve-2023-0669, Exploits and vulnerabilities, goanywhere, news, Ransomware

Categories: Exploits and vulnerabilities

Categories: News

Categories: Ransomware

Tags: Clop

Tags: ransomware

Tags: GoAnywhere

Tags: CVE-2023-0669

The Clop ransomware gang has claimed responsibility for attacking several GoAnywhere MFT customers by exploiting a vulnerability in the managed file transfer software’s administrative interface.

MalwareBytes Security

Intel CPU vulnerabilities fixed. But should you update?

March 6, 2023 0 Comments cve-2022-21123, cve-2022-21125, cve-2022-21127, cve-2022-21166, Exploits and vulnerabilities, Intel, microcode, news, vms

Categories: Exploits and vulnerabilities

Categories: News

Tags: CVE-2022-21123

Tags: CVE-2022-21125

Tags: CVE-2022-21127

Tags: CVE-2022-21166

Tags: Intel

Tags: VMs

Tags: microcode

Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs, but who needs them?

MalwareBytes Security

Arris router vulnerability could lead to complete takeover

February 16, 2023 0 Comments arris, cve-2022-45701, default credentials, Exploits and vulnerabilities, news, routre, yerodin richards

Categories: Exploits and vulnerabilities

Categories: News

Tags: Yerodin Richards

Tags: Arris

Tags: routre

Tags: CVE-2022-45701

Tags: default credentials

A security researcher found an authenticated remote code execution vulnerability in very wide-spread Arris router models.

MalwareBytes Security

Update now! February’s Patch Tuesday tackles three zero-days

February 15, 2023 0 Comments Adobe, Apple, atlassian, Cisco, citrix, cve-2023-21529, cve-2023-21706, cve-2023-21707, cve-2023-21715, cve-2023-21716, cve-2023-21823, cve-2023-22501, cve-2023-23376, cve-2023-23378, cve-2023-24483, cve-2023-24484, cve-2023-24486, cve-2023-25136, Exploits and vulnerabilities, forta, goanywhere, Google, Microsoft, Mozilla, news, onenote, openssh, Patch Tuesday, sap

Categories: Exploits and vulnerabilities

Categories: News

Tags: patch Tuesday

Tags: Microsoft

Tags: Apple

Tags: Adobe

Tags: SAP

Tags: Citrix

Tags: Cisco

Tags: Atlassian

Tags: Google

Tags: Mozilla

Tags: Forta

Tags: OpenSSH

Tags: CVE-2023-21823

Tags: CVE-2023-21715

Tags: OneNote

Tags: CVE-2023-23376

Tags: CVE-2023-21706

Tags: CVE-2023-21707

Tags: CVE-2023-21529

Tags: CVE-2023-21716

Tags: CVE-2023-23378

Tags: CVE-2023-22501

Tags: CVE-2023-24486

Tags: CVE-2023-24484

Tags: CVE-2023-24483

Tags: CVE-2023-25136

Tags: GoAnywhere

Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors