Security Updates & Patches

Securezoo Cybersecurity Threat Center blog posts of new security updates and patches.

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool

Researchers have discovered a “trivially exploitable” local privilege escalation vulnerability (CVE-2021-4034) in Polkit’s pkexec tool that affects likely every major Linux distribution.

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool Read More »

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day)

The Cybersecurity and Infrastructure Security Agency (CISA) has published 8 new actively exploited vulnerabilities, one of those vulnerabilities (CVE-2022-22587) recently fixed by Apple.

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day) Read More »

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild)

Apple has released security updates for iOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and other Apple products. The updates also address a zero-day vulnerability (CVE-2022-22587) exploited in the wild.

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild) Read More »

Oracle Critical Patch Update for January 2022

Oracle has released its Critical Patch Update for January 2022 to include 497 vulnerability fixes across multiple products.

Oracle Critical Patch Update for January 2022 Read More »

Cisco patches Critical Privileged Escalation vulnerability in Unified Contact Center Software

Cisco has patched a Critical Privileged Escalation vulnerability in its Unified Contact Center software that could allow an attacker to create admin accounts, as well as access and modify telephony and user resources across all the Unified platforms.

Cisco patches Critical Privileged Escalation vulnerability in Unified Contact Center Software Read More »