Open Source

Google adds OSS-Fuzz open source fuzzer capability to discover Log4Shell vulnerability

As the catastrophic Log4j vulnerability continues to cause havoc on the internet and organizations, Google in collaboration with security firm Code Intelligence has released an update to open source fuzzer (OSS-Fuzz) that can detect the Log4Shell vulnerability.

Tags: , , , , ,

Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Microsoft has released the October 2020 Security updates that includes patches for 87 vulnerabilities, 11 of them rated Critical. The update also includes a patch for a Critical “Bad Neighbor” vulnerability and two out-of-band patches.

Tags: , , , , , , , , , , , , , , , ,

Microsoft March 2020 Security Updates, fix for SMBv3 RCE vulnerability (updated)

Microsoft released the March 2020 Security Updates that include 115 unique vulnerability fixes, 26 of those rated critical. This is the largest patch release in Microsoft’s history. Microsoft also issued guidance and a new security update to fix an SMBv3 RCE vulnerability dubbed SMBGhost.

Tags: , , , , , , , , , , , , , ,

Microsoft introduces Application Inspector

Microsoft has introduced a new source code analyzer tool dubbed Microsoft Application Inspector. The tool is designed to “identify interesting features in source code” and can help enable developers understand software components your apps use.

Tags: , , , , , , , , , ,