Credit to Author: Katie McCafferty| Date: Fri, 19 Aug 2022 21:38:06 +0000
Microsoft discovered a memory corruption vulnerability in a ChromeOS component that could have been triggered remotely, allowing attackers to perform either a denial-of-service (DoS) or, in extreme cases, remote code execution (RCE).
The post Uncovering a ChromeOS remote memory corruption vulnerability appeared first on Microsoft Security Blog.
Read more
Credit to Author: Greg Lambert| Date: Sat, 13 Aug 2022 04:58:00 -0700
Microsoft’s August Patch Tuesday release addresses 123 security issues in Microsoft Windows, Office, Exchange (it’s back!) and Visual Studio — and unfortunately, we have two zero-days with reports of active exploitation in the wild. Since this is a broad update, it will require planning and testing before deployment.
The first (CVE-2022-34713) occurs in the Windows diagnostic tools and the second (CVE-2022-30134) affects Microsoft Exchange. Basically, the holidays are over and it’s time to pay attention to Microsoft updates again. We have made “Patch Now” recommendations for Windows, Exchange and Adobe for this month.
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: MSDT Tags: NFS Tags: PPP Tags: Exchange Tags: CVE-2022-34713 Tags: CVE-2022-35743 Tags: DogWalk Tags: CVE-2022-30134 Tags: CVE-2022-24477 Tags: CVE-2022-24516 Tags: CVE-2022-30133 Tags: CVE-2022-34715 Tags: Adobe Tags: Cisco Tags: Google Tags: Android Tags: SAP Tags: VMWare Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did. |
The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.
Read more
Credit to Author: Paul Ducklin| Date: Thu, 11 Aug 2022 14:34:09 +0000
Latest episode – listen now! (Or read the transcript if you prefer.)
Read more
Credit to Author: Angela Gunn| Date: Wed, 10 Aug 2022 12:31:41 +0000
Another tough month for Azure admins; meanwhile, Windows takes a long road to a Dogwalk
Read moreCategories: A week in security Tags: backdoor Tags: blog recap Tags: bytedance Tags: cookies Tags: data breach Tags: Google Tags: linux Tags: microsoft Tags: ransomware Tags: SQL injection Tags: T-Mobile Tags: tiktok Tags: Uber Tags: week in security The most important and interesting computer security stories from the last week. |
The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Mon, 01 Aug 2022 09:51:04 +0000
The most important and interesting computer security stories from the last week.
The post A week in security (July 25 – July 31) appeared first on Malwarebytes Labs.
Read more
Credit to Author: Susan Bradley| Date: Mon, 25 Jul 2022 09:00:00 -0700
Do you run a small business with on-premises servers?
Chances are, you rely on technology that includes servers, whether they’re Windows- or Linux-based. With that in mind, Microsoft recently announced it’s previewing “server protection for small business” — bundling the offering with Microsoft Defender for Business.
This is noteworthy because until now, most Endpoint Detection and Response (EDR) solutions have been expensive and typically only deployed by larger enterprises. (EDR is an integrated, layered approach to endpoint protection that combines real-time continuous monitoring and endpoint data analytics with rule-based automated response.)
Credit to Author: Paul Ducklin| Date: Sat, 23 Jul 2022 01:10:38 +0000
20 years to turn it on, then 20 weeks to turn it off, then just 2 weeks to turn it back on again. That’s progress!
Read more
Credit to Author: Paul Ducklin| Date: Thu, 14 Jul 2022 18:47:47 +0000
Latest episode – listen now! Great discussion, technical content, solid advice… all covered in plain English.
Read more