Microsoft patches actively exploited Windows kernel flaw

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical. Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings … More Microsoft patches actively exploited Windows kernel flaw

DNSpooq bugs expose millions of devices to DNS cache poisoning

Security flaws in a widely used DNS software package could allow attackers to send users to malicious websites or to remotely hijack their devices. Millions of devices could be vulnerable to Domain Name System (DNS) cache poisoning and remote code execution attacks due to seven security flaws in dnsmasq, DNS forwarding and caching software commonly found in smartphones, … More DNSpooq bugs expose millions of devices to DNS cache poisoning

Bumble bugs could have exposed personal data of all users

The information at risk of theft due to API flaws included people’s pictures, locations, dating preferences and Facebook data. Security vulnerabilities in Bumble, one of today’s most popular dating apps, could have exposed the personal information of its entire, almost 100 million-strong user-base. The bugs – which affected Bumble’s application programming interface (API) and stemmed … More Bumble bugs could have exposed personal data of all users

Google squashes two more Chrome bugs under active attacks

The updates come on the heels of news of attacks exploiting another zero-day in Chrome in tandem with a previously-unknown Windows flaw. Two weeks after patching an actively-exploited vulnerability affecting Chrome for desktop, Google is squashing another zero-day bug in the browser’s version for Windows, macOS, and Linux, as well as pushing out an update for Chrome … More Google squashes two more Chrome bugs under active attacks

Google patches Chrome zero‑day under attack

In addition to patching the actively exploited bug, the update also brings fixes for another four security loopholes. Google has rolled out an update to its Chrome web browser that fixes five security flaws, including a vulnerability that is known to be actively exploited by attackers. “Google is aware of reports that an exploit for … More Google patches Chrome zero‑day under attack