Zero-days Archives - Page 6 of 14

Adobe fixes Critical zero-day Commerce,  Magento vulnerability exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 14, 2022 / Adobe, Adobe Commerce, Commerce, CVE-2022-24086, Magento

Adobe has released security update that fixes a zero-day vulnerability CVE-2022-24086 for Adobe Commerce and Magento Open Source with reported exploits in the wild.

Adobe fixes Critical zero-day Commerce,  Magento vulnerability exploited in the wild Read More »

Apple releases iOS 15.3.1, macOS Monterey 12.2.1 and Safari 15.3 security updates for zero-day exploited in wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / February 11, 2022 / CVE-2022-22620, iOS 15.3.1

Apple has released security updates for iOS 15.3.1, macOS Monterey 12.2.1, and Safari 15.3 with fixes for a zero-day vulnerability CVE-2022-22620 exploited in the wild.

Apple releases iOS 15.3.1, macOS Monterey 12.2.1 and Safari 15.3 security updates for zero-day exploited in wild Read More »

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / January 28, 2022 / Apple, CVE-2022-22587

The Cybersecurity and Infrastructure Security Agency (CISA) has published 8 new actively exploited vulnerabilities, one of those vulnerabilities (CVE-2022-22587) recently fixed by Apple.

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day) Read More »

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / January 28, 2022 / Big Sur, CVE-2022-22587, iOS, iOS153, macOS, macOS Catalina, Monterey, Monterey122

Apple has released security updates for iOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and other Apple products. The updates also address a zero-day vulnerability (CVE-2022-22587) exploited in the wild.

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild) Read More »

Microsoft December 2021 Security Updates includes fix for zero-day exploit used to spread Emotet malware

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 15, 2021 / CVE-2021-42310, CVE-2021-43215, CVE-2021-43217, CVE-2021-43233, CVE-2021-43890, CVE-2021-43899, CVE-2021-43905, CVE-2021-43907, Emotet, Windows

Microsoft has released the December 2021 Security Updates that includes patches for 73 vulnerabilities, 7 of those rated Critical. The updates also address one vulnerability being actively exploited in the wild and used to spread Emotet malware.

Microsoft December 2021 Security Updates includes fix for zero-day exploit used to spread Emotet malware Read More »

Google releases Chrome 96 security update (96.0.4664.110) with fix for High risk zero-day exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 15, 2021 / Chrome, Chrome 96, CVE-2021-4098, CVE-2021-4102

Google has released Chrome 96 security update (96.0.4664.110) for Windows, Mac and Linux with a fix for one High risk vulnerability exploited in the wild.

Google releases Chrome 96 security update (96.0.4664.110) with fix for High risk zero-day exploited in the wild Read More »

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 30, 2021 / 0-day, CVE-2021-24084, HiveNightmare, mobile, SeriousSAM, Windows

A security researcher has discovered a zero-day vulnerability CVE-2021-24084 in Windows Mobile Device Management that could allow information disclosure and local privilege escalation (LPE).

Windows Mobile Device Management 0-day vulnerability could lead to local privilege escalation Read More »

FBI alert: APT actors exploit 0-Day FatPipe VPN vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 21, 2021 / 0-day, FatPipe, FBI, MPVPN, VPN

The Federal Bureau of Investigation (FBI) has issued a report of advanced persistent threat (APT) actors exploiting 0-day FatPipe MPVPN networking devices since at least May of 2021.

FBI alert: APT actors exploit 0-Day FatPipe VPN vulnerabilities Read More »

Microsoft November 2021 Security Updates includes fixes for 2 zero-days under active exploit

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 10, 2021 / CVE-2021-26443, CVE-2021-3711, CVE-2021-38666, CVE-2021-42279, CVE-2021-42292, CVE-2021-42298, CVE-2021-42316, CVE-2021-42321, Excel, Exchange, Office

Microsoft has released the November 2021 Security Updates that includes patches for 55 vulnerabilities, 6 of those rated Critical. The updates also address 2 zero-day bugs being actively exploited in the wild.

Microsoft November 2021 Security Updates includes fixes for 2 zero-days under active exploit Read More »

Google patches Android zero-day vulnerability exploited in the wild

Mobile Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 3, 2021 / Android, CVE-2021-0889, CVE-2021-0918, CVE-2021-0930, CVE-2021-1048, CVE-2021-1924, CVE-2021-1975, Zero-day

Google has released the Android Security Bulletin for November 2021 with patches for 36 vulnerabilities, to include five High risk bugs and one zero-day being exploited in the wild.

Google patches Android zero-day vulnerability exploited in the wild Read More »