security update Archives - Help Net Security

Microsoft fixes 25 critical issues in August Patch Tuesday

The Microsoft August 2017 Patch Tuesday update has landed and contains patches for 48 vulnerabilities, 25 of which are for critical issues. 27 of the vulnerabilities can be …

Siemens CT scanners open to remote compromise via publicly available exploits

Siemens has finally provided patches for a number of Microsoft Windows SMBv1 vulnerabilities that affect some of the medical devices sold under the Siemens Healthineers brand. …

Apple patches critical Broadpwn vulnerability in its various OSes

July 20, 2017
Apple
iOS
macOS

Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws …

Why Kodi boxes can pose a serious malware threat

When new streaming devices, such as the Amazon Firestick and Apple TV, were first introduced, many were intrigued by the ease by which they could watch “over the …

Azure AD Connect vulnerability allows attackers to reset admin passwords

A vulnerability in Azure AD Connect could be exploited by attackers to reset passwords and gain unauthorized access to on-premises AD privileged user accounts, Microsoft …

Google researcher uncovers another RCE in Microsoft Malware Protection Engine

June 27, 2017
antivirus
Google
Microsoft

Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which …

8 RCE, DoS holes in Microsoft Malware Protection Engine plugged

After the discovery and the fixing of a “crazy bad” remote code execution flaw in the Microsoft Malware Protection Engine earlier this month, now comes another …

Vulnerability opens FreeRADIUS servers to unauthenticated attackers

A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …

Critical Samba code execution hole plugged, patch ASAP!

May 25, 2017
Linux
macOS
open source

The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …

Joomla users: Update immediately to kill severe SQLi vulnerability

May 18, 2017
CMS
exploit
joomla

Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …