Vulnerabilities & Exploits

Adobe security updates for Illustrator, After Effects and other products

• Post author:Frank Crast
• Post published:June 17, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

Adobe has released security updates to address vulnerabilities in Adobe After Effects, Audition, Campaign Classic, Illustrator, Premiere Pro and Premiere Rush products.

Continue Reading Adobe security updates for Illustrator, After Effects and other products

Ripple20 zero-day vulnerabilities impact hundreds of millions of IoT devices

• Post author:Frank Crast
• Post published:June 16, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits / Zero-days

Security researchers have identified a series of 19 zero-day vulnerabilities in a lightweight TCP/IP stack library used in many IoT products. The vulnerabilities dubbed Ripple20 likely impact hundreds of millions of IoT devices.

Continue Reading Ripple20 zero-day vulnerabilities impact hundreds of millions of IoT devices

Google releases Chrome security update (83.0.4103.106)

• Post author:Frank Crast
• Post published:June 16, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

Google has released Chrome 83.0.4103.106 security update for Windows, Mac and Linux. An attacker could exploit these vulnerabilities to take control of impacted systems.

Continue Reading Google releases Chrome security update (83.0.4103.106)

WordPress 5.4.2 security and maintenance update (includes 6 security fixes)

• Post author:Frank Crast
• Post published:June 12, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

WordPress has released WordPress 5.4.2 security and maintenance update that includes fixes for multiple security issues and bugs. All WordPress versions 5.4.1 and earlier are affected.

Continue Reading WordPress 5.4.2 security and maintenance update (includes 6 security fixes)

New PoC exploits SMBv3 vulnerability on unpatched systems

• Post author:Frank Crast
• Post published:June 9, 2020
• Post category:Network Security / Security Updates & Patches / Vulnerabilities & Exploits

A security researcher has developed new proof-of-concept (PoC) code that can exploit an SMBv3 compression remote code execution (RCE) vulnerability CVE-2020-0796 on unpatched Windows systems.

Continue Reading New PoC exploits SMBv3 vulnerability on unpatched systems

Google releases Chrome security update (83.0.4103.97)

• Post author:Frank Crast
• Post published:June 4, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

Google has released Chrome 83.0.4103.97 for Windows, Mac and Linux. In addition, the company also released new versions of Chrome for iOS and Android.

Continue Reading Google releases Chrome security update (83.0.4103.97)

Mozilla releases Firefox 77 with new DevTool improvements, security updates

• Post author:Frank Crast
• Post published:June 3, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

The Mozilla Foundation has released Firefox 77 with new DevTool improvements and web platform updates. The update also includes fixes for multiple vulnerabilities.

Continue Reading Mozilla releases Firefox 77 with new DevTool improvements, security updates

Apple releases patch for “unc0ver” jailbreak zero-day vulnerability

• Post author:Frank Crast
• Post published:June 2, 2020
• Post category:Mobile Security / Security Updates & Patches / Vulnerabilities & Exploits / Zero-days

Apple has released a patch for a previously disclosed "Unc0ver" jailbreak 0-day vulnerability. The security updates and patch address iOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, watchOS 6.2.6, tvOS 13.4.6 and other products.

Continue Reading Apple releases patch for “unc0ver” jailbreak zero-day vulnerability

VMware patches multiple vulnerabilities in ESXi, Workstation, Fusion, VMRC and Horizon Client

• Post author:Frank Crast
• Post published:June 1, 2020
• Post category:Security Updates & Patches / Vulnerabilities & Exploits

VMware issued a security advisory for multiple vulnerabilities that impact VMware ESXi, Workstation, Fusion, VMRC and Horizon Client products. An attacker could exploit one of these vulnerabilities and take control of an unpatched system.

Continue Reading VMware patches multiple vulnerabilities in ESXi, Workstation, Fusion, VMRC and Horizon Client

Sandworm actors exploiting Exim MTA vulnerability

• Post author:Frank Crast
• Post published:May 29, 2020
• Post category:Cybersecurity Attacks / Vulnerabilities & Exploits

The National Security Agency (NSA) issued a new warning of Russian cyber actors exploiting an Exim Mail Transfer Agent (MTA) vulnerability CVE-2019-10149. The cyber attacks have been ongoing since last August.

Continue Reading Sandworm actors exploiting Exim MTA vulnerability