Chrome Archives - Help Net Security

Chrome

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

January 26, 2023

Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker …

December 2022 Patch Tuesday forecast: Fine-tuning the connectivity

December 9, 2022

Microsoft wrapped up a lot of ‘loose ends’ last month with their November set of updates, but there is still some work to do before the end-of-year holiday season. The …

Google Chrome zero-day exploited in the wild (CVE-2022-4262)

December 6, 2022

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the …

October 2022 Patch Tuesday forecast: Looking for treats, not more tricks

October 7, 2022

We’ve entered the final quarter of 2022 with a favorite holiday for many – Halloween, at the end of the month. Unfortunately, Microsoft has continued to play a few tricks on …

September 2022 Patch Tuesday forecast: No sign of cooling off

September 9, 2022

September is here, and for most of us in the northern hemisphere, cooler temperatures are on the way. Unfortunately, the need to maintain and update our computer systems …

Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

August 18, 2022

Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …

Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

August 2, 2022

Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …

July 2022 Patch Tuesday forecast: A summertime lull?

July 8, 2022

June 2022 Patch Tuesday wrapped up a few loose ends we were waiting on. The Follina remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) …

June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset

June 10, 2022

May 2022 Patch Tuesday provided the final releases for several Windows 10 operating systems and this month we’ll see the final update for Internet Explorer 11. But don’t go on …

March 2022 Patch Tuesday forecast: Pressure mounts to resolve vulnerabilities

March 4, 2022

February 2022 Patch Tuesday was an anomaly. Not only did we see record low numbers of vulnerabilities addressed across all of Microsoft’s operating systems, but we also saw …

February 2022 Patch Tuesday forecast: A rough start for 2022

February 4, 2022

January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates …

November 2021 Patch Tuesday forecast: More mandates in the United States

November 8, 2021

The global holiday season is upon us with Diwali happening now, Thanksgiving the end of the month, and then on to Christmas and New Years! But before we all start celebrating, …

Chrome

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

December 2022 Patch Tuesday forecast: Fine-tuning the connectivity

Google Chrome zero-day exploited in the wild (CVE-2022-4262)

October 2022 Patch Tuesday forecast: Looking for treats, not more tricks

September 2022 Patch Tuesday forecast: No sign of cooling off

Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

July 2022 Patch Tuesday forecast: A summertime lull?

June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset

March 2022 Patch Tuesday forecast: Pressure mounts to resolve vulnerabilities

February 2022 Patch Tuesday forecast: A rough start for 2022

November 2021 Patch Tuesday forecast: More mandates in the United States

Don't miss

3 business application security risks businesses need to prepare for in 2023

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

Attackers use portable executables of remote management software to great effect

How businesses can bolster their cybersecurity defenses with open source

ChatGPT is a bigger threat to cybersecurity than most realize