Zero-days Archives

Microsoft May 2023 Security Updates Fixes 49 Vulnerabilities (6 Critical, 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / May 11, 2023 / CVE-2023-24903, CVE-2023-24932, CVE-2023-24941, CVE-2023-24943, CVE-2023-24955, CVE-2023-28283, CVE-2023-29325, CVE-2023-29336:, Secure Boot, Win32K

The Microsoft May 2023 Security Updates includes patches and advisories for 49 vulnerabilities, including 6 Critical severity issues and two zero-days (CVE-2023-29336, CVE-2023-24932) exploited in the wild.

Microsoft April 2023 Security Updates Fixes 97 Vulnerabilities (7 Critical, 1 zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / April 12, 2023 / CLFS, CVE-2023-21554, CVE-2023-28219, CVE-2023-28220, CVE-2023-28231, CVE-2023-28232, CVE-2023-28250, CVE-2023-28252, CVE-2023-28291, Windows

The Microsoft April 2023 Security Updates includes patches and advisories for 97 vulnerabilities, including 7 Critical severity issues and one zero-day exploited in the wild.

Apple patches 2 zero-day vulnerabilities in iOS 16.4.1 and macOS Ventura 13.3.1

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / April 8, 2023 / CVE-2023-28205, CVE-2023-28206, iOS1641, macOS, Safari

Apple has released security updates for Apple iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1 and Safari 16.4.1, with fixes for two zero-day vulnerabilities.

Microsoft March 2023 Security Updates Fixes 101 Vulnerabilities (9 Critical, 2 zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / March 14, 2023 / CVE-2023-21708, CVE-2023-23392, CVE-2023-23397, CVE-2023-23404, CVE-2023-23411, CVE-2023-23415, CVE-2023-23416, CVE-2023-24880, ICMP, Outlook, RCE, SmartScreen, Windows

The Microsoft March 2023 Security Updates includes patches and advisories for 101 vulnerabilities, including 9 Critical severity issues and two zero-days exploited in the wild.

Adobe Security Updates For Multiple Products (one Zero day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / March 14, 2023 / Adobe, ColdFusion, Commerce, Creative Cloud, CVE-2023-26360, Dimension, Experience Manager, Illustrator, Photoshop, Substance 3D Stager

Adobe has released eight advisories addressing multiple vulnerabilities in Adobe Commerce, Experience Manager, Illustrator, Dimension, Creative Cloud, Substance 3D Stager, Photoshop, and ColdFusion products.

Threat actors launch zero-day attack against Python Package Index (PyPI) packages

Application Security, Source Code Security, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 24, 2023 / FortiGuard, Open Source, PyPI, Python

Researchers have discovered threat actors launching zero-day attack against packages in the Python Package Index (PyPI) repository.

Attackers Exploit Forta GoAnywhere Zero-day Vulnerability

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 17, 2023 / CVE-2023-0669, Forta, GoAnywhere, Zero-day

Attackers have been exploiting a Forta GoAnywhere zero-day vulnerability (CVE-2023-0669).

Microsoft February 2023 Security Updates addresses 79 vulnerabilities (9 rated Critical, 3 zero days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 16, 2023 / CVE-2023-21715, CVE-2023-21823, CVE-2023-23376, PEAP, RCE

The Microsoft February 2023 Security Updates includes patches and advisories for 79 vulnerabilities, including 9 Critical severity remote code execution issues and three zero-days exploited in the wild.

Apple Fixes Exploited Zero-Day Vulnerability (CVE-2023-23529) in IOS, Safari and macOS

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / February 14, 2023 / Apple, CVE-2023-23529, iOS1631, macOS, Safari, Ventura, Webkit

Apple has released an emergency security update that fixes a zero-day exploited vulnerability (CVE-2023-23529) in iOS, Safari, and macOS, under attack in the wild.

Apple patches vulnerabilities in iOS 16.3, macOS Ventura 13.2, and other products (plus zero-day in older iPhones)

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / January 25, 2023 / Apple, CVE-2022-42856, iOS163, iPhone, macOS, Safari, Ventura, Ventura132

Apple has released security updates for Apple iOS 16.3, macOS Ventura 13.2, macOS Big Sur 11.7.3, Safari 16.3, and other products. In addition a zero-day iOS fix was also made available for older iPhones.