July Patch Tuesday Unleashes a Torrent of Updates
Credit to Author: Andrew Brandt| Date: Tue, 09 Jul 2024 18:05:32 +0000
Microsoft fixes 138 bugs in Windows and other products this month
Read morerce
THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR
Credit to Author: Quickheal| Date: Mon, 04 Sep 2023 06:21:13 +0000
Zero-day vulnerabilities represent an imminent threat to cybersecurity, and in this case, two such vulnerabilities, CVE-2023-38831 and CVE-2023-40477,…
The post THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR appeared first on Quick Heal Blog.
Read moreUpdate now! WinRAR files can be abused to run malware
Categories: Exploits and vulnerabilities Categories: News Tags: WinRAR Tags: CVE-2023-40477 Tags: RCE Tags: Windows 11 A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. |
The post Update now! WinRAR files can be abused to run malware appeared first on Malwarebytes Labs.
Read morePatch now! Citrix Sharefile joins the list of actively exploited file sharing software
Categories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: ShareFile Tags: CVE-2023-24489 Tags: RCE Tags: unauthenticated Tags: vulnerability Tags: PoC Citrix ShareFile can be exploited remotely by unauthenticated attackers. |
The post Patch now! Citrix Sharefile joins the list of actively exploited file sharing software appeared first on Malwarebytes Labs.
Read moreMinecraft fans beware: Players and servers at risk from BleedingPipe vulnerability
Categories: Personal Tags: Minecraft Tags: mod Tags: forge Tags: players Tags: vulnerability Tags: RCE Tags: bleedingpipe Tags: malware Minecraft players interested in modding are at risk from a remote code execution vulnerability targeting both players and servers. |
The post Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability appeared first on Malwarebytes Labs.
Read moreGhostscript bug could allow rogue documents to run system commands
Credit to Author: Paul Ducklin| Date: Tue, 04 Jul 2023 17:57:16 +0000
Even if you’ve never heard of the venerable Ghostscript project, you may have it installed without knowing.
Read moreASUS warns router customers: Patch now, or block all inbound requests
Credit to Author: Paul Ducklin| Date: Tue, 20 Jun 2023 16:14:45 +0000
“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them.
Read moreVMware patches critical vulnerabilities in Aria Operations for Networks
Categories: Exploits and vulnerabilities Categories: News Tags: cve-2023-20887 Tags: cve-2023-20888 Tags: cve-2023-20889 Tags: vmware Tags: Aria Operations for Networks Tags: RCE Tags: information disclosure Tags: deserialization Tags: command injection VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution |
The post VMware patches critical vulnerabilities in Aria Operations for Networks appeared first on Malwarebytes Labs.
Read morePaperCut security vulnerabilities under active attack – vendor urges customers to patch
Credit to Author: Paul Ducklin| Date: Tue, 25 Apr 2023 17:53:39 +0000
If you have the product, but you haven’t patched – well, the crooks have now landed, so please don’t delay. Do it today…
Read moreApple zero-day spyware patches extended to cover older Macs, iPhones and iPads
Credit to Author: Paul Ducklin| Date: Mon, 10 Apr 2023 20:20:44 +0000
That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices – patch now!
Read more