Security Updates & Patches Archives - Page 89 of 89

Apple releases new security updates to address Spectre

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 9, 2018 / Apple, CVE-2017-5715, CVE-2017-5753, High Sierra, macOS, Spectre, Vulnerabilities

Apple released macOS High Sierra 10.13.2 Supplemental Update that includes security improvements to Safari and WebKit to mitigate the effects of Spectre vulnerability (CVE-2017-5753 and CVE-2017-5715). Apple also provided a security update for Safari 11.0.2 for OS X El Capitan 10.11.6 and macOS Sierra 10.12.6, with fixes for the same Spectre vulnerabilities. The MacOS High Sierra update will already upgrade Safari to version 11.0.2 (13604.4.7.1.6) or version 11.0.2 …

Apple releases new security updates to address Spectre Read More »

Vendors issue security updates for Spectre and Meltdown

Leave a Comment / Security Updates & Patches / By Frank Crast / January 5, 2018 / Android, Apple, Meltdown, Microsoft, Spectre, Vulnerabilities

Software and hardware vendors have issued advisories and fixes for “Spectre” (speculative execution side-channel attack) and “Meltdown” vulnerabilities, related to recently disclosed CPU processor design flaws.

Meltdown and Spectre vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / January 4, 2018 / Meltdown, side-channel, Spectre, Vulnerabilities

US-CERT issued a security update regarding the latest Intel processor design flaws. According to the vulnerability note, the CPU hardware implementations are vulnerable to side-channel attacks. The two vulnerabilities are referred to as Meltdown and Spectre. An excerpt from the advisory: “CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. These attacks are described in detail by Google Project …

Meltdown and Spectre vulnerabilities Read More »

OpenEMR vulnerability

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 29, 2017 / Medical, OpenVMR, Vulnerabilities

An OpenEMR vulnerability could expose millions of medical records to attackers. The flaw has been patched with OpenEMR 5.0.0 Patch 6 a couple of weeks ago. Unpatched versions could allow an attacker to steal patient records and personal data by exploiting the vulnerability in the setup.php installation script. OpenEMR is a popular open source electronic health records and medical practice …

OpenEMR vulnerability Read More »

Microsoft November 2017 Security Updates

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 15, 2017 / Microsoft, Vulnerabilities

On Tuesday, Microsoft issued patches to address 53 vulnerabilities, to include 20 critical fixes, as part of November security updates. Also noteworthy was four of the fixes addressed vulnerabilities with known public exploits (CVE-2017-11848, CVE-2017-11827, CVE-2017-11883 and CVE-2017-8700).

GnuPG crypto vulnerability exposed

Leave a Comment / Cryptography, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 5, 2017 / Cryptography, encryption, GnuPG, Libgcrypt, RSA-1024, Vulnerabilities

A team of security researchers from several universities have cracked the 1024-bit RSA encryption in theLibgcrypt cryptographic library used by GnuPG.