Microsoft issued the November 2019 Security Updates that include 74 unique vulnerability fixes, 13 of those rated critical. In addition, Microsoft provided guidance for a vulnerability CVE-2019-16863 in Trusted Platform Module (TPM).
For the third time this year, Microsoft has warned users and organizations to stay vigilant against BlueKeep and patch their systems. In collaboration with security researchers, Microsoft investigated recent system crashes have been caused by a BlueKeep Metasploit module.
Organizations should prioritize getting rid of end-of-support (EOS) software. To assist in that effort, the Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an EOS software report list.
Trend Micro has revealed a rogue employee has stolen 120,000 consumer customer records from an internal customer service database.
Fraudsters are actively exploiting a bug in Firefox that causes the browser to freeze with a warning message the victim computer is running a pirated version of Windows.
Apple has released security updates for iOS, macOS, watchOS, Safari, iCloud, tvOS and iTunes.
Google has released a new security update for Chrome browser 78.0.3904.87 for Windows, Mac and Linux. There are reports of one of those vulnerabilities CVE-2019-13720 being exploited in the wild.
Samba has released a software update and patches for three security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
Security researchers discovered an unsecured Adobe Creative Cloud Elasticsearch database that exposed nearly 7.5 million user records.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has warned of an ongoing and widespread phishing campaign designed to spread Emotet malware throughout Australia.