It’s Patch Tuesday and still no fix for ProxyNotShell Microsoft Exchange holes | Patch Tuesday | And for bonus points, there's a Windows flaw under active exploit | Patches | 11 Oct 2022 | 21
Fortinet warns of critical flaw in its security appliance OSes, admin panels | Naturally, they're already under attack – so you know what to do next | Patches | 11 Oct 2022 | 15
Make your neighbor think their house is haunted by blinking their Ikea smart bulbs | Radio comms vulnerabilities detailed | Patches | 08 Oct 2022 | 54
Atlassian, Microsoft bugs on CISA’s must-patch list after exploitation spree | Some days, security just feels like a total illusion. OK, most days... | Patches | 04 Oct 2022 | 7
Sophos fixes critical firewall hole exploited by miscreants | Code-injection bug in your network security... mmm, yum yum | Patches | 28 Sep 2022 | 9
Alert: 15-year-old Python tarfile flaw lurks in 'over 350,000' code projects | Oh cool, a 5,500-day security hole | Patches | 22 Sep 2022 | 53
WordPress-powered sites backdoored after FishPig suffers supply chain attack | And two other security snafus in this web publishing world | Patches | 15 Sep 2022 | 18
Microsoft fixes Windows security hole likely widely exploited by miscreants | Patch Tuesday | Plus: Nasty no-auth RCE in TCP/IP stack, Adobe flaws, and many more updates | Patches | 13 Sep 2022 | 14
Google urges open source community to fuzz test code | We'll even get our checkbook out, web giant says | Patches | 08 Sep 2022 | 10
Go programming language arrives at security warnings that are useful | Low-noise tool hopes to highlight vulnerabilities imported into projects | Patches | 06 Sep 2022 | 6
Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers | Grab and deploy this backend update if you offer even repo read access | Patches | 29 Aug 2022 | 6
80,000 internet-connected cameras still vulnerable after critical patch offered | Just more IoT conscripts for the botnet armies | Patches | 24 Aug 2022 | 15
If you haven't patched Zimbra holes by now, assume you're toast | Here's how to detect an intrusion via vulnerable email systems | Patches | 23 Aug 2022 |
Google, Apple squash exploitable browser bugs | Chrome flaw has public exploit, WebKit hole actively abused along with kernel escalation | Patches | 17 Aug 2022 | 8
Warning! Critical flaws found in US Emergency Alert System | DEF CON may be about to blow lid off security hole | Patches | 05 Aug 2022 | 14
VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws | Meanwhile, a security update for rsync | Patches | 03 Aug 2022 | 1
Atlassian reveals critical flaws in almost everything it makes and touches | Fixes issued, warns it 'has not exhaustively enumerated all potential consequences' | Patches | 21 Jul 2022 | 13
Homeland Security warns: Expect Log4j risks for 'a decade or longer' | Great, another thing that's gone endemic | Patches | 14 Jul 2022 | 12
X.org servers update closes 2 security holes, adds neat component tweaks | Arbitrary code execution flaws in the X Keyboard Extension were bad news | Patches | 13 Jul 2022 | 7
Microsoft's July Patch Tuesday fixes actively exploited bug | Patch Tuesday | No, Windows Autopatch didn't kill the monthly patchapalooza | Patches | 12 Jul 2022 | 8
Take the day off: Windows Autopatch is live and can even fix cloudy PCs | But first, there's a whole lot of AD and Intune prep to be done | Patches | 12 Jul 2022 | 13
Google updates Chrome to squash actively exploited WebRTC Zero Day | How sad – this looks like a fine excuse to avoid video conferences for a while | Patches | 05 Jul 2022 | 10
OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw | Updated | Though severity up for debate, and limited chips affected, broken tests hold back previous patch from distribution | Patches | 27 Jun 2022 | 10
Cisco warns of security holes in its security appliances | Bugs potentially useful for rogue insiders, admin account hijackers | Patches | 22 Jun 2022 | 11
Microsoft fixes under-attack Windows zero-day Follina | Patch Tuesday | Plus: Intel, AMD react to Hertzbleed data-leaking holes in CPUs | Patches | 15 Jun 2022 | 4
Atlassian: Unpatched years-old flaw under attack right now to hijack Confluence | Updated | One option: Take the thing offline until Friday patch applied | Patches | 03 Jun 2022 | 20
CIOs largely believe their software supply chain is vulnerable | Internal bureaucracy and barriers hold up roll out of defenses, report finds | Patches | 31 May 2022 | 3
Ransomware attack sends US county back to 1977 | In brief | Also: Uni details its malware-catching AI, signs of China poking the Russian cyber-bear, and more | Patches | 29 May 2022 | 8
Talos names eight deadly sins in widely used industrial software | Entire swaths of gear relies on vulnerability-laden Open Automation Software (OAS) | Patches | 27 May 2022 | 6
Patch now: Zoom chat messages can infect PCs, Macs, phones with malware | Google Project Zero blows lid off bug involving that old chestnut: XML parsing | Patches | 24 May 2022 | 4
Screencastify fixes bug that would have let rogue websites spy on webcams | Updated | School-friendly Chrome extension still not fully protected, privacy guru warns | Patches | 24 May 2022 | 3
If you've got Intel inside, you probably need to get these security patches inside, too | So. Many. BIOS. Bugs | Patches | 12 May 2022 | 9
Microsoft closes Windows LSA hole under active attack | Plus many more flaws. And Adobe, Android, SAP join the bug-squashing frenzy | Patches | 11 May 2022 | 8
F5, Cisco admins: Stop what you're doing and check if you need to install these patches | Updated | BIG-IP iControl authentication bypass, NFV VM escape, and more | Patches | 06 May 2022 | 6
Critical vulnerabilities found in 'millions of Aruba and Avaya switches' | Airports, hospitals, hotels, and more need to deploy patches for hijack bugs | Patches | 03 May 2022 | 31
Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too! | Will Redmond start code-naming Windows make-me-admin bugs? | Patches | 27 Apr 2022 | 111
AWS's Log4j patches blew holes in its own security | Remote code exec is so 2014. Have this container escape and privilege escalation, instead | Patches | 20 Apr 2022 | 10
Apache says Struts 2 security bug wasn't fully fixed in 2020 | But this time the patch should do the trick | Patches | 13 Apr 2022 | 3
Git for Windows issues update to fix running-someone-else’s-code vuln | Running a multi-user Windows environment and Git? Time to patch | Patches | 13 Apr 2022 | 2
Microsoft's huge Patch Tuesday includes fix for bug under attack | April bundle addresses 100-plus vulnerabilities including 10 critical RCEs | Patches | 13 Apr 2022 | 15
Critical bug allows attacker to remotely control medical robot | CVSS 9.8 flaws are not what you want in a hospital robot | Patches | 12 Apr 2022 | 12
Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina | About 35-40% of iGiant's desktop OS installs potentially vulnerable, says Intego | Patches | 06 Apr 2022 | 70