Security Updates & Patches

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware

Knotweed threat actors have exploited Microsoft and Adobe 0-day vulnerabilities in targeted attacks against European and Central American customers. The actors also developed Subzero malware used in these attacks.

CISA adds Questions for Confluence App Hard-coded Credentials Vulnerability (CVE-2022-26138) to Known Exploited Vulnerabilities Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical Questions for Confluence App Hard-coded Credentials Vulnerability (CVE-2022-26138) to its Known Exploited Vulnerabilities Catalog.

Oracle Critical Patch Update for July 2022

Oracle has released its Critical Patch Update for July 2022 to include 349 vulnerability fixes across multiple products. The updates also include fixes for Log4j and Spring Framework vulnerabilities.

Google releases Chrome 103 (103.0.5060.134) security updates with fixes for 5 High severity vulnerabilities

Google has released Chrome version 103.0.5060.134 for Windows, Mac and Linux, with fixes for five High severity vulnerabilities. Additionally, Google also published new security updates for ChromeOS and Android.

SAP July 2022 Security Patch Day addresses 4 new ‘High Priority’ vulnerabilities

Software giant SAP has released the July 2022 Security Patch Day that consists of 20 separate security advisories and patches, to include fixes for four new High Priority vulnerabilities.