Tag: rce

Microsoft patches actively exploited Windows kernel flaw

February 11, 2021

This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical. Yesterday was the second Tuesday of the month, which means that Microsoft is rolling out patches for security vulnerabilities found in Windows and its other products. This year’s second batch of security updates brings … More Microsoft patches actively exploited Windows kernel flaw

55 security flaws found in various Apple services

October 14, 2020

Five ethical hackers have earned almost US$300,000 in bug bounty rewards – so far. A team of five ethical hackers have discovered a grand total of 55 vulnerabilities in a range of Apple’s services, with almost a dozen flaws rated as critical. The disclosed security loopholes – which were found over a span of three months … More 55 security flaws found in various Apple services

New Internet Explorer zero‑day remains unpatched

January 21, 2020

You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix. Microsoft has released a security advisory alerting users to an as-yet unpatched vulnerability in its Internet Explorer (IE) web browser that is being exploited in limited targeted attacks. The zero-day, which is tracked as CVE-2020-0674, is a … More New Internet Explorer zero‑day remains unpatched

Patch now! Why the BlueKeep vulnerability is a big deal

May 24, 2019

What you need to know about the critical security hole that could enable the next WannaCryptor. Remember the panic that hit organizations around the world on May 12th, 2017 when machine after machine displayed the WannaCryptor ransom screen? Well, we might have a similar incident on our hands in the coming days, weeks or months … More Patch now! Why the BlueKeep vulnerability is a big deal

‘Highly critical’ bug exposes unpatched Drupal sites to attacks

February 28, 2019

Worse, attackers have already been spotted targeting the flaw to deliver cryptocurrency miners and other payloads. Days after the team behind Drupal urged website admins to apply an update patching a highly critical vulnerability in the content management system (CMS) platform, threat actors were spotted exploiting the loophole in the wild. The remote code execution … More ‘Highly critical’ bug exposes unpatched Drupal sites to attacks