microsoft-office

Microsoft released out-of-band security update Microsoft Office and Paint 3D

A week after the April 2020 Patch Tuesday, Microsoft released an out-of-band security update that fixes remote code execution vulnerabilities in Office, Office 365 ProPlus, and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, if exploited, could enable remote code execution. The newly disclosed bugs stem from the Autodesk’s library for the FBX…

Intel Logo

Intel Patches Security Vulnerabilities in Latest Update

Intel addressed medium and high-severity vulnerabilities in its April 2020 security update; the vulnerabilities in Intel software and firmware programs could potentially allow attackers to launch denial-of-service (DoS) attacks and enables escalation of privilege. Out of the 6 vulnerabilities Intel addressed in the security update published on April 14, 3 of them were patched, and…

vMware logo

VMware patched critical flaw on vCenter Server

VMware has fixed a critical vulnerability in its latest security update. The critical information-disclosure bug exists in the vCenter Server virtual infrastructure management platform.  “With vCenter Server, virtual environments are easier to manage: a single administrator can manage hundreds of workloads, more than doubling typical productivity when managing physical infrastructure,” says VMware. The vulnerability in…

Mozilla Firefox Logo

Mozilla releases security patches for Firefox critical vulnerabilities exploited in the wild

Mozilla patched two critical zero-days in Firefox 74.0.1. The vulnerabilities were exploited in the wild through targeted attacks. Mozilla is now urging users to update their Firefox browsers to fix the two bugs. The two vulnerabilities, tracked as CVE-2020-6819 and CVE-2020-6820, are both use-after-free. Use-after-free flaws are a type of memory corruption that could lead…

WordPress ThemeREX

WordPress ThemeREX Addons Vulnerability Now Patched

WordPress security plugin, Wordfence, released security patches for the vulnerable ThemeREX Addons plugin; they previously released a firewall rule for the Wordfence Premium users. Wordfence published a list of all affected ThemeREX themes and their patched versions, along with the vulnerable versions of the ThemeREX Addons plugin and the corresponding newly patched versions. ThemeREX Creates…

Wormable Vulnerability Found In Windows

Wormable Vulnerability Found In Windows, No Patch Available

Shortly after releasing its monthly security update, Microsoft separately issued an advisory warning billions of its Windows users of a new critical, unpatched, and wormable vulnerability affecting Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server Message Block 3.0 (SMBv3) network communication protocol. Microsoft did…

Microsoft-Exchange-Servrar

Microsoft Exchange-Servrars Sårbarhet Utnyttjat Av Apt-Grupper

Flera statliga sponsrade hackgrupper utnyttjar en sårbarhet i Microsoft Exchange-servrar som företaget lagade i februari. Utnyttjningsförsöken upptäcktes först av det brittiska cybersäkerhetsföretaget Volexity i fredags. Volexity bekräftade att utnyttjandet av denna säkerhetsbrist började i slutet av februari, med flera organisationer som redan hade sina nätverk komprometterade efter att statligt kontrollerade ”advanced persistent threats” (APT) -grupper…