Security Updates & Patches Archives - Page 5 of 86

Google releases Chrome 106 (106.0.5249.119) security update with fixes for 6 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 16, 2022 October 16, 2022 / Chrome, Chrome 106, CVE-2022-3445, CVE-2022-3446, CVE-2022-3447, CVE-2022-3448, CVE-2022-3449, CVE-2022-3450, Safe Browsing, Skia, WebSQL

Google has released Chrome 106 (106.0.5249.119) for Windows, Mac and Linux, with fixes for six High severity vulnerabilities.

Adobe security updates for multiple products (17 Critical vulnerabilities fixed)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 13, 2022 October 13, 2022 / Acrobat and Reader, Adobe, Adobe Acrobat, Adobe Commerce, Cold Fusion, Magento

Adobe has released security updates that address multiple vulnerabilities in Adobe Dimension, Adobe Cold Fusion, Adobe Acrobat and Reader, and Adobe Commerce and Magneto Open Source.

Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 12, 2022 November 11, 2022 / Active Directory, Azure, CVE-2022-22035, CVE-2022-24504, CVE-2022-30198, CVE-2022-33634, CVE-2022-34689, CVE-2022-37968, CVE-2022-37976, CVE-2022-37979, CVE-2022-38000, CVE-2022-38047, CVE-2022-38048, CVE-2022-41033, CVE-2022-41034, CVE-2022-41038, CVE-2022-41081, EoP, Hyper-V, Kubernetes, Office, Point-to-Point, PPT, RCE, SharePoint, Vulnerabilities

The Microsoft October 2022 Security Updates includes patches and advisories for 84 vulnerabilities, including 2 zero-day and 13 Critical severity issues. However, the ProxyNotShell vulnerabilities were not addressed.

Apple releases security update for iOS 16.0.3

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 10, 2022 October 10, 2022 / Apple, CVE-2022-22658, iOS, iOS1603, iPhone

Apple has released a security update for Apple iOS 16.0.3 with a fix for a Mail vulnerability CVE-2022-22658. A remote attacker could exploit some of these vulnerabilities to take control of unpatched device.

Android Security Bulletin for October 2022

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 10, 2022 December 7, 2022 / Android, CVE-2022-20419, mobile, Vulnerabilities

Google has released its Android Security Bulletin for October 2022 with details of security vulnerabilities affecting Android devices.

Google releases Chrome 106 security update with fixes for 2 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 3, 2022 October 3, 2022 / Chrome, Chrome 106, CVE-2022-3370, CVE-2022-3373, Google, iOS

Google has released Chrome 106 (106.0.5249.91) for Windows, Mac and Linux, with fixes for three vulnerabilities (two rated High severity).

CISA adds 3 vulnerabilities to Known Exploited Vulnerabilities Catalog

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 1, 2022 October 1, 2022 / Atlassian, CVE-2022-36804, CVE-2022-41040, CVE-2022-41082, Exchange, Microsoft

The Cybersecurity and Infrastructure Security Agency (CISA) has added 3 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Microsoft Exchange and Atlassian flaws.

Drupal patches Critical Twig third-party library vulnerability (CVE-2022-39261)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / October 1, 2022 October 1, 2022 / CVE-2022-39261, Drupal, Twig

Drupal has patched a Critical Twig third-party library vulnerability (CVE-2022-39261) that affect multiple versions of Drupal Core.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 1, 2022 November 12, 2022 / CVE-2022-41040, CVE-2022-41082, Exchange, Exchange Server 2019, IIS, Microsoft, PowerSHell, ProxyNotShell, Vulnerabilities, Zero-day

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Sophos Firewall RCE vulnerability (CVE-2022-3236) exploited the wild

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / September 23, 2022 September 23, 2022 / CISA, CVE-2022-3236, Firewall, Sophos, Webadmin, Zoho

Sophos has fixed a Sophos Firewall remote code execution (RCE) vulnerability (CVE-2022-3236) exploited in the wild.