The Mozilla Foundation has released Firefox 71 that addresses multiple vulnerabilities. Attackers could exploit some of the vulnerabilities to take control of impacted systems.
Researchers at FireEye have spotted an uptick in active exploits of CVE-2017-11774, an Outlook security feature bypass vulnerability. Attackers are also actively reversing Outlook vulnerability patch functionality. To help protect against such exploits, FireEye has provided Outlook hardening guidelines.
Security researchers have discovered a dangerous Android vulnerability dubbed “StrandHogg” under active attack by dozens of malicious apps. To add, 500 of the most popular apps may also be vulnerable to the StrandHogg vulnerability.
Security experts from Kaspersky have discovered 37 vulnerabilities in four VNC implementations, some that have gone undetected since 1999.
A security researcher has published proof of concept (PoC) for exploit code of an Apache Solr remote code execution vulnerability CVE-2019-12409.
The Internet Systems Consortium (ISC) has released a security update that fixes a vulnerability in multiple versions of ISC Berkeley Internet Name Domain (BIND).
Google has released a new security update for Chrome browser 78.0.3904.108 for Windows, Mac and Linux, as well as a Chrome OS update.
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.
VMware has published a security advisory for multiple vulnerabilities that impact VMware ESXi, Workstation, and Fusion.
Microsoft issued the November 2019 Security Updates that include 74 unique vulnerability fixes, 13 of those rated critical. In addition, Microsoft provided guidance for a vulnerability CVE-2019-16863 in Trusted Platform Module (TPM).