security update
Incoming OpenSSL critical fix: Organizations, users, get ready!
UPDATE (November 1, 2022, 01:55 p.m. ET): OpenSSL version 3.0.7 is out, and the severity of the vulnerability has been downgraded. Check out what you should be doing next. The …
Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)
For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 …
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …
Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)
October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has …
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)
After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …
Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild. About …
Patch critical flaw in Atlassian Bitbucket Server and Data Center! (CVE-2022-36804)
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable …
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)
Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …
Microsoft fixes exploited zero-day in Windows Support Diagnostic Tool (CVE-2022-34713)
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively …
August 2022 Patch Tuesday forecast: Printers again?
July 2022 Patch Tuesday came and went quietly as expected. Microsoft addressed 40 CVEs in Windows 11 and 46 CVEs in the Windows 10 set of updates. It was a little unusual …
VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
VMware has released fixes for ten vulnerabilities, including CVE-2022-31656, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and …
Featured news
Sponsored
Don't miss
- Ransom recovery costs reach $2.73 million
- What is cybersecurity mesh architecture (CSMA)?
- New SOHO router malware aims for cloud accounts, internal company resources
- Dropbox says attackers accessed customer and MFA info, API keys
- 2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element