Dell patches severe SupportAssist vulnerability
Dell deployed a patch to fix a high severity DLL hijacking vulnerability in its SupportAssist software, that comes bundled with Dell business and personal PCs.
“SACK Panic” Linux vulnerabilities
The CERT Coordination Center (CERT/CC) has released a security advisory for multiple "SACK Panic" vulnerabilities that impact Linux kernels. In addition, a related flaw also impacts FreeBSD.
Apache patches Tomcat HTTP/2 DoS vulnerability
The Apache Software Foundation has released new Apache Tomcat security updates to address an HTTP/2 Denial of Service (DoS) vulnerability.
Oracle patches Critical WebLogic vulnerability exploited in the wild
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Firefox security update fixes critical zero-day flaw abused in the wild
Mozilla has released a security update that fixes a critical vulnerability in Firefox 67.0.3 and Firefox ESR 60.7.1.
Samba patches two vulnerabilities
Samba has released fixes for two security vulnerabilities that impact Samba products. A remote attacker could take advantage of these bugs and exploit unpatched systems.
DHS issues new warning on BlueKeep threat
The Department of Homeland Security (DHS) just issued a new warning on the "wormable" BlueKeep threat and vulnerability. DHS says attackers can exploit unpatched systems to perform remote code execution.
YubiKey FIPS devices recalled after security issue found
Yubico has issued a recall of certain models of its YubiKey FIPS series devices after the company discovered security issues.
Chrome security update fixes high severity bug
Google has released a new security update for Chrome 75.0.3770.90 for Windows, Mac and Linux.
Intel security updates for multiple products
Intel has released security and firmware updates that fix vulnerabilities in multiple Intel products.