The Cybersecurity and Infrastructure Security Agency (CISA) has added one Critical Control Web Panel (CWP) vulnerability to its Known Exploited Vulnerabilities Catalog.
Security Updates & Patches
Securezoo Cybersecurity Threat Center blog posts of new security updates and patches.
Drupal has patched a Moderately Critical ‘Private Taxonomy Terms’ vulnerability that affect multiple versions of Drupal Core.
CISA adds 2 Microsoft vulnerabilities to Known Exploited Vulnerabilities Catalog (to include 1 Windows zero-day)
The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Exchange and one Windows zero-day vulnerability to its Known Exploited Vulnerabilities Catalog.
Microsoft January 2023 Security Updates addresses 98 vulnerabilities (11 rated Critical, 1 zero day)
The Microsoft January 2023 Security Updates includes patches and advisories for 98 vulnerabilities, including 11 Critical severity issues.
Adobe also released four advisories addressing 29 vulnerabilities (16 Critical) in Adobe Acrobat and Reader, Adobe Dimension, InCopy, and InDesign.
Google has released Long Term Support (LTS) 102 security update and Stable Channel update for Chrome OS devices to fix multiple vulnerabilities.
Fortinet has released a security advisory that addresses a Critical ‘command injection in web interface’
vulnerability (CVE-2022-39947) in multiple versions of FortiADC.
The Cybersecurity and Infrastructure Security Agency (CISA) has added two TIBCO vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Security researchers have discovered a Critical remote code execution (RCE) vulnerability in Linux 5.15 Kernel Server Message Block (SMB) server, ksmbd.
Microsoft researchers discovered a vulnerability dubbed “Achilles” in macOS that could allow attackers to bypass Apple’s Gatekeeper security feature designed to ensure that only trusted software runs on your Mac.