September 2021 Patch Tuesday forecast: It’s new operating system season
Summer vacations are coming to a close and, for many, the children are finally going back to school providing some quiet time. I hope everyone is well rested because the fall …
Windows Server
Bosch upgrades its Dicentis system server with new hardware from HP
The Dicentis system server from Bosch has become very popular since its launch in 2019, with more than 60% of Dicentis Conference System installations now including the …
PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …
May 2021 Patch Tuesday forecast: Spring cleaning is in order
There’s an event referred to as spring cleaning, where we take some time from our regular routines to focus on bringing order back to our homes. We remove the junk that has …
Guardicore extends microsegmentation and zero trust security to protect legacy infrastructure and IT
Guardicore announced new capabilities that extends microsegmentation and zero trust security to the industry broadest catalog of legacy servers, applications, and operating …
February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days
On this February 2021 Patch Tuesday: Adobe has fixed a Reader flaw used in limited attacks, as well as delivered security updates for a variety of products, including Acrobat …
October 2020 Patch Tuesday: Microsoft fixes potentially wormable Windows TCP/IP RCE flaw
On this October 2020 Patch Tuesday: Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps …
CISA orders federal agencies to implement Zerologon fix by Monday
If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …
Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability …
Windows users under attack via two new RCE zero-days
Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks …
Wormable Windows SMBv3 RCE flaw leaked, but not patched
Yesterday, when Microsoft released its regular Patch Tuesday fixes, Cisco Talos and Fortinet inadvertently(?) also published information about CVE-2020-0796, a …
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …
