Security Updates & Patches Archives - Page 7 of 86

VMware Tools update fixes local privilege escalation vulnerability (CVE-2022-31676)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 25, 2022 August 25, 2022 / CVE-2022-31676, Guest OS, VMware, VMware Tools

VMware has released a security update for VMware Tools that fixes a local privilege escalation vulnerability (CVE-2022-31676).

Apple fixes 2 zero-days (CVE-2022-32894 and CVE-2022-32893) in iOS 15.6.1 and macOS Monterey 12.5.1 (update now!)

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / August 19, 2022 August 19, 2022 / CVE-2022-32893, CVE-2022-32894, iOS, iOS15.6.1, macOS, macOS Monterey 12.5.1

Apple has released security updates for Apple iOS 15.6.1, iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. The updates include fixes for two zero-day vulnerabilities (CVE-2022-32894 and CVE-2022-32893) under attack in the wild.

Google releases Chrome 104 security update with fixes for 11 vulnerabilities (1 zero-day CVE-2022-2856)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / August 19, 2022 August 19, 2022 / Chrome, CVE-2022-2856, Vulnerabilities, Zero-day

Google has released Chrome 104.0.5112.101 (Mac/Linux) and 104.0.5112.102/101 (Windows), with fixes for 11 vulnerabilities (one rated Critical and seven rated High severity). Additionally, one of the patches fixed a zero-day flaw CVE-2022-2856.

Adobe security updates for Acrobat and Reader, Illustrator and other products

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 11, 2022 August 11, 2022 / Acrobat, Adobe, Commerce, Framemaker, Illustrator, PremiereElements, Vulnerabilities

Adobe has released security updates for Acrobat and Reader, Illustrator, FrameMaker, Premiere Elements, and Adobe Commerce.

Microsoft August 2022 Security Updates addresses 121 vulnerabilities (17 Critical and 1 zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / August 10, 2022 August 10, 2022 / CVE-2022-21980, CVE-2022-24477, CVE-2022-24516, CVE-2022-30133, CVE-2022-33646, CVE-2022-34691, CVE-2022-34696, CVE-2022-34702, CVE-2022-34713, CVE-2022-34714, CVE-2022-35744, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794, CVE-2022-35804, Cybersecurity Threat Center, DogWalk, MSDT

The Microsoft August 2022 Security Updates includes patches and advisories for 121 vulnerabilities, 17 of those rated Critical severity and one zero-day CVE-2022-34713 exploited in the wild.

CISA adds Zimbra vulnerability (CVE-2022-27924) to Known Exploited Vulnerabilities Catalog

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 7, 2022 August 7, 2022 / CVE-2022-27924, Zimbra

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence that cyber criminals are actively exploiting the vulnerabilities.

Cisco releases Critical advisory for Small Business RV routers

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 7, 2022 August 7, 2022 / CVE-2022-20827, CVE-2022-20841, CVE-2022-20842, Router, Small Business, SMB, VPN, WAN

Cisco has released a Critical security update for three vulnerabilities in Small Business RV Routers. An unauthenticated, remote attacker could execute arbitrary code or cause a denial of service (DoS) condition on an unpatched device.

F5 fixes 12 High severity vulnerabilities in BIG-IP and BIG-IQ products

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 7, 2022 August 7, 2022 / BIG-IP, BIG-IQ, CVE-2022-35243, CVE-2022-35728, F5, Networking

F5 has released fixes for 12 High severity vulnerabilities that affect BIG-IP and BIG-IQ products.

Google releases Chrome 104 security update with fixes for 27 vulnerabilities (7 High severity)

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 3, 2022 August 3, 2022 / Chrome, Chrome 104, CVE-2022-2603, CVE-2022-2604, CVE-2022-2605, CVE-2022-2606, CVE-2022-2607, CVE-2022-2608, CVE-2022-2609

Google has released Chrome 104.0.5112.79 (Mac/Linux) and 104.0.5112.79/80/81 (Windows), with fixes for 27 vulnerabilities (7 rated High severity). Additionally, Google also published new Chrome security updates for iOS and Android.

Knotweed threat actors exploit Microsoft and Adobe 0-days and deliver Subzero malware

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / July 30, 2022 July 30, 2022 / 0-day, Adobe, CVE-2021-28550, CVE-2021-31199, CVE-2021-31201, CVE-2021-36948, CVE-2022-22047, DSIRF, Knotweed, Microsoft, MSTIC, Subzero

Knotweed threat actors have exploited Microsoft and Adobe 0-day vulnerabilities in targeted attacks against European and Central American customers. The actors also developed Subzero malware used in these attacks.