security update
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292)
It’s a light November 2021 Patch Tuesday from Microsoft: 55 fixed CVEs, of which two are zero-days under active exploitation: CVE-2021-42321, a Microsoft Exchange RCE, …
Avoiding the costly ESU cycle: Lessons learned from Windows 7 end-of-life
In June 2021, Microsoft announced the end-of-life date for Windows 10: 14 October 2025. From that point on, there will be no new updates or security fixes for the Home or Pro …
Apple fixes security feature bypass in macOS (CVE-2021-30892)
Apple has delivered a barrage of security updates for most of its devices this week, and among the vulnerabilities fixed are CVE-2021-30892, a System Integrity Protection …
Apple fixes iOS zero-day exploited in the wild (CVE-2021-30883)
With the newest iOS and iPad updates, Apple has fixed another vulnerability (CVE-2021-30883) that is being actively exploited by attackers. About CVE-2021-30883 CVE-2021-30883 …
Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed …
October 2021 Patch Tuesday forecast: Halloween came early this year
Halloween is not until the end of the month, but there has already been a lot of scary activity leading up to this patch Tuesday. PrintNightmare and Apple zero-days are just a …
A new zero-day is being exploited to compromise Macs (CVE-2021-30869)
Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and …
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
Apache OpenOffice, one of the most popular open-source office productivity software suites, sports a RCE vulnerability (CVE-2021-33035) that could be triggered via a specially …
Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)
VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005. “This vulnerability can be …
Microsoft patches actively exploited MSHTML zero-day RCE (CVE-2021-40444)
On September 2021 Patch Tuesday, Microsoft has fixed 66 CVE-numbered vulnerabilities in a wide variety of its solutions. Of these, the most crucial to address is …
Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)
Apple has released security updates for macOS, iOS, iPadOS, watchOS and Safari that patch two vulnerabilities (CVE-2021-30860, CVE-2021-30858) that are being exploited in …
September 2021 Patch Tuesday forecast: It’s new operating system season
Summer vacations are coming to a close and, for many, the children are finally going back to school providing some quiet time. I hope everyone is well rested because the fall …
Featured news
Resources
Don't miss
- Digital sovereignty becomes a matter of resilience for Europe
- Storm-2603 spotted deploying ransomware on exploited SharePoint servers
- CISO New York 2025 brings together top cybersecurity leaders
- Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)
- Autoswagger: Open-source tool to expose hidden API authorization flaws