Microsoft issued a new security advisory for Intel microcode updates for Windows 10 versions 1903 and 1909. The updates also address a known vulnerability behind a Zombieload attack. In addition, a targeted update for Windows Server 2019 version 1903 was also available.
Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.
Security researchers have found a new side-channel attack and vulnerability that affects millions of newer Intel microprocessors. The new vulnerability CVE-2019-1125 dubbed SWAPGS is a variant of Spectre Variant 1 and bypasses previous mitigations against Spectre and Meltdown.
Cisco released new security updates on Friday, two rated high severity and two medium severity, to address ASA, NX-OS and CPU side-channel vulnerablities that impact multiple products.
Microsoft issued June 2018 Security Updates that include 51 unique vulnerability fixes, 11 of them rated critical. The updates address multiple Microsoft products to include Windows, Internet Explorer, Edge, Office, Office Services and Web Apps, ChakraCore and Adobe Flash.
Google has released Chrome 67 (version 67.0.3396.62) for Windows, Mac and Linux OS. The update includes 34 security fixes that address numerous vulnerabilities that could allow a remote attacker to take control of a victim’s computer.
New variants of the side-channel central processing unit (CPU) hardware vulnerabilities (aka Meltdown/Spectre) have been discovered. The new variants dubbed 3A and 4 have been found by Microsoft and Google researchers.
Microsoft has released two additional Windows security updates that address the Spectre side-channel vulnerabilities that were revealed in January of 2018.