Security Updates & Patches Archives - Page 4 of 86

OpenSSL fixes 2 High risk vulnerabilities (CVE-2022-3786 and CVE-2022-3602)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 2, 2022 November 2, 2022 / Crypto, CVE-2022-3602, CVE-2022-3786, HTTPS, OpenSSL, TLS, X.509

OpenSSL has released a security update with fixes for two High risk vulnerabilities (CVE-2022-3786 and CVE-2022-3602).

OpenSSL forewarns of upcoming Critical patch (prepare now)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 30, 2022 October 30, 2022 / HTTPS, OpenSSL, Vulnerabilities

OpenSSL has released an announcement that forewarns of an upcoming Critical patch for a Critical vulnerability in OpenSSL versions 3.0 and above.

VMware Cloud Foundation update fixes Critical RCE vulnerability (CVE-2021-39144) with published exploit code

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 30, 2022 October 30, 2022 / Cloud Foundation, CVE-2021-39144, VMware

VMware has released a security update for VMware Cloud Foundation that fixes a Critical RCE vulnerability via XStream (CVE-2021-39144) and warns exploit code has been published against VCF (NSX-V).

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS and Chrome zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 30, 2022 October 30, 2022 / AnyConnect, Chrome 107, Cisco, CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323, CVE-2020-3153, CVE-2020-3433, CVE-2022-3723, CVE-2022-42827, Gigabyte, iOS

The Cybersecurity and Infrastructure Security Agency (CISA) has added 8 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple iOS, Google Chrome, Cisco AnyConnect Secure, and Gigabyte vulnerabilities.

Google fixes Chrome 107 zero-day vulnerability (CVE-2022-3723) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 30, 2022 October 30, 2022 / Chrome, Chrome 107, CVE-2022-3723, Zero-day

Google has released Chrome 107.0.5304.87 for Mac and Linux and 107.0.5304.87/.88 for Windows with a fix for a High severity zero-day vulnerability CVE-2022-3723 exploited in the wild.

Apple releases new macOS Ventura 13, along with security updates for iOS zero-day and multiple Apple products

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 26, 2022 October 26, 2022 / Apple, Big Sur, CVE-2022-42827, iOS 15.7, iOS 16.1, macOS, Monterey, Safari 16.1, tvOS 16.1, Ventura 13, watchOS, Zero-day

Apple has released new macOS Ventura 13, along with security updates for Apple iOS 16.1, iOS 15.7, macOS Monterey 12.6.1, macOS Big Sur 11.7.1, Safari 16.1, tvOS 16.1, and watchOS 9.1. One zero-day iOS vulnerability was also fixed.

Google releases Chrome 107 security update with fixes for 3 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 26, 2022 October 26, 2022 / Chrome, Chrome 107, CVE-2022-3652, CVE-2022-3653, CVE-2022-3654

Google has released Chrome 107.0.5304.62 for Mac, 107.0.5304.68 for Linux and 107.0.5304.62/63 for Windows with fixes for 14 vulnerabilities, 3 rated High severity.