Zero-days Archives - Page 2 of 14

Attackers Exploit Forta GoAnywhere Zero-day Vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 17, 2023 / CVE-2023-0669, Forta, GoAnywhere, Zero-day

Attackers have been exploiting a Forta GoAnywhere zero-day vulnerability (CVE-2023-0669).

Attackers Exploit Forta GoAnywhere Zero-day Vulnerability Read More »

Microsoft February 2023 Security Updates addresses 79 vulnerabilities (9 rated Critical, 3 zero days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 16, 2023 / CVE-2023-21715, CVE-2023-21823, CVE-2023-23376, PEAP, RCE

The Microsoft February 2023 Security Updates includes patches and advisories for 79 vulnerabilities, including 9 Critical severity remote code execution issues and three zero-days exploited in the wild.

Microsoft February 2023 Security Updates addresses 79 vulnerabilities (9 rated Critical, 3 zero days) Read More »

Apple Fixes Exploited Zero-Day Vulnerability (CVE-2023-23529) in IOS, Safari and macOS

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 14, 2023 / Apple, CVE-2023-23529, iOS1631, macOS, Safari, Ventura, Webkit

Apple has released an emergency security update that fixes a zero-day exploited vulnerability (CVE-2023-23529) in iOS, Safari, and macOS, under attack in the wild.

Apple Fixes Exploited Zero-Day Vulnerability (CVE-2023-23529) in IOS, Safari and macOS Read More »

Apple patches vulnerabilities in iOS 16.3, macOS Ventura 13.2, and other products (plus zero-day in older iPhones)

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / January 25, 2023 / Apple, CVE-2022-42856, iOS163, iPhone, macOS, Safari, Ventura, Ventura132

Apple has released security updates for Apple iOS 16.3, macOS Ventura 13.2, macOS Big Sur 11.7.3, Safari 16.3, and other products. In addition a zero-day iOS fix was also made available for older iPhones.

Apple patches vulnerabilities in iOS 16.3, macOS Ventura 13.2, and other products (plus zero-day in older iPhones) Read More »

CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / January 12, 2023 / CISA, CVE-2022-41080, CVE-2023-21674, Exchange, Exploit, Windows

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Exchange and one Windows zero-day vulnerability to its Known Exploited Vulnerabilities Catalog.

CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day) Read More »

Microsoft December 2022 Security Updates addresses 53 vulnerabilities (7 Critical, 1 exploited in the wild)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 17, 2022 / CVE-2022-41076, CVE-2022-41089, CVE-2022-41127, CVE-2022-44670, CVE-2022-44676, CVE-2022-44690, CVE-2022-44693, CVE-2022-44698, MOTW, PowerSHell, SmartScreen

The Microsoft December 2022 Security Updates includes patches and advisories for 53 vulnerabilities, including seven Critical severity issues and one exploited in the wild.

Microsoft December 2022 Security Updates addresses 53 vulnerabilities (7 Critical, 1 exploited in the wild) Read More »

Google fixes Chrome 108 zero-day vulnerability (CVE-2022-4262) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 4, 2022 / Chrome, CVE-2022-4262, Zero-day

Google has released Chrome 108.0.5359.94 for Mac and Linux and 108.0.5359.94/.95 for Windows with a fix for a High severity zero-day vulnerability (CVE-2022-4262) exploited in the wild.

Google fixes Chrome 108 zero-day vulnerability (CVE-2022-4262) exploited in the wild Read More »

Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell)

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 11, 2022 / CVE-2022-3602, CVE-2022-3786, CVE-2022-41040, CVE-2022-41073, CVE-2022-41082, CVE-2022-41091, CVE-2022-41125, CVE-2022-41128, Exchange, ProxyNotShell

The Microsoft November 2022 Security Updates includes patches and advisories for 65 vulnerabilities, including 6 zero-days and 10 Critical severity issues.

Microsoft November 2022 Security Updates addresses 65 vulnerabilities (6 zero-days to include ProxyNotShell) Read More »

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS and Chrome zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 30, 2022 / AnyConnect, Chrome 107, Cisco, CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323, CVE-2020-3153, CVE-2020-3433, CVE-2022-3723, CVE-2022-42827, Gigabyte, iOS

The Cybersecurity and Infrastructure Security Agency (CISA) has added 8 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple iOS, Google Chrome, Cisco AnyConnect Secure, and Gigabyte vulnerabilities.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS and Chrome zero-days) Read More »

Google fixes Chrome 107 zero-day vulnerability (CVE-2022-3723) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 30, 2022 / Chrome, Chrome 107, CVE-2022-3723, Zero-day

Google has released Chrome 107.0.5304.87 for Mac and Linux and 107.0.5304.87/.88 for Windows with a fix for a High severity zero-day vulnerability CVE-2022-3723 exploited in the wild.

Google fixes Chrome 107 zero-day vulnerability (CVE-2022-3723) exploited in the wild Read More »