Vulnerabilities & Exploits

Securezoo Cybersecurity Threat Center blog posts of new vulnerabilities and exploits.

Zoom patches vulnerability that could allow eavesdropping

Remote conferencing service company, Zoom, has patched a vulnerability that could allow a bad actor to eavesdrop on your company’s online meetings.

Zoom patches vulnerability that could allow eavesdropping Read More »

Citrix patches Critical vulnerability exploited in the wild (updated)

Citrix has made available a new permanent fix for a critical vulnerability CVE-2019-19781 in affected versions of Citrix SD-WAN WANOP. The update comes nearly five days after Citrix provided firmware updates for the same vulnerability in Application Delivery Controller (ADC) and Citrix Gateway products. An unathenticated attacker could exploit the vulnerability and execute arbitrary code.

Citrix patches Critical vulnerability exploited in the wild (updated) Read More »

Microsoft issues security advisory and workaround for Critical IE vulnerability (CVE-2020-0674)

Microsoft issued a new security advisory for a Critical Internet Explorer (IE) vulnerability. Attackers could exploit the scripting engine memory corruption vulnerability CVE-2020-0674 in IE and execute arbitrary code.

Microsoft issues security advisory and workaround for Critical IE vulnerability (CVE-2020-0674) Read More »

Oracle Critical Patch Update for January 2020

Oracle has released its Critical Patch Update for January 2020 to include 334 vulnerability fixes across multiple products. The company also continues to receive reports of remote attackers attempting to maliciously exploit unpatched vulnerabilities.

Oracle Critical Patch Update for January 2020 Read More »

Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability)

Microsoft issued the January 2020 Security Updates that include 49 unique vulnerability fixes, 8 of those rated critical and 29 rated important. One of the patches addresses a CryptoAPI Spoofing vulnerability CVE-2020-0601. DHS CISA also issued an emergency directive with recommendations to patch this Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client.

Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability) Read More »

Windows 7 and Windows Server 2008 versions reach end of support

The time has finally arrived. Microsoft Windows 7 and multiple versions of Windows Server 2008 have reached end of support today, January 14, 2020. As a result, customers will no longer receive technical support and software updates for those products as of today.

Windows 7 and Windows Server 2008 versions reach end of support Read More »