Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)
Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, …
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …
Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)
On October 2021 Patch Tuesday, Microsoft has fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and …
Apple fixes iOS zero-day exploited in the wild (CVE-2021-30883)
With the newest iOS and iPad updates, Apple has fixed another vulnerability (CVE-2021-30883) that is being actively exploited by attackers. About CVE-2021-30883 CVE-2021-30883 …
A new zero-day is being exploited to compromise Macs (CVE-2021-30869)
Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and …
Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in …
Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)
Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise …
Microsoft patches actively exploited zero-day (CVE-2021-36948), more Print Spooler flaws
Microsoft’s August 2021 Patch Tuesday is pretty lightweight, through it covers a wide variety of Microsoft solutions. 44 CVE-numbered security holes have been plugged, …
Explosion of 0-day exploits: The bad news and the good news
Have you noticed that lately we’ve been hearing more about in-the-wild attacks exploiting 0-day vulnerabilities? “Halfway into 2021, there have been 33 0-day …
SolarWinds patches zero-day exploited in the wild (CVE-2021-35211)
SolarWinds has released an emergency patch for CVE-2021-35211, a RCE vulnerability affecting its Serv-U Managed File Transfer and Serv-U Secure FTP that is currently being …
Apple fixes actively exploited vulnerabilities affecting older iDevices
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively …
June 2021 Patch Tuesday: Microsoft fixes six actively exploited zero-days
On this June 2021 Patch Tuesday: Microsoft has fixed 50 security vulnerabilities, six of which are actively exploited zero-days Adobe has delivered security updates for …