security update

Oracle releases emergency Oracle Identity Manager patch
Oracle has issued an out-of-cycle patch that plugs a critical vulnerability (CVE-2017-10151), affecting Oracle Identity Manager, its widely-used enterprise identity management …

Cisco plugs WPA2 holes, critical Cloud Services Platform flaw
Cisco has released updates to address vulnerabilities in a wide variety of its products. Among these are updates fixing the WPA2 vulnerabilities that can be exploited in the …

Oracle fixes 252 vulnerabilities in October 2017 Critical Patch Update
Oracle has released its Critical Patch Update (CPU) for October 2017, addressing 252 vulnerabilities across the wide multitude of its products. Compared to the July 2017 CPU, …

Adobe releases emergency fix for Flash Player zero-day exploited in the wild
Adobe has released an out-of-band security update for Adobe Flash Player that patches a zero-day remote code execution vulnerability actively exploited in the wild. Kaspersky …

October Patch Tuesday: 61 bugs and one zero-day fixed
For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The …

Patching discrepancy between supported Windows versions puts users at risk
Security improvements should be a welcome addition to all software, but if they are not also simultaneously backported into its older and still supported versions, they can …

PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …

Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …

Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo …

Maintaining Windows 10 security tops list of enterprise challenges
Companies are experiencing significant challenges in their attempts to keep their endpoints secure. Maintaining Windows 10 security topped the list of challenges with over …

Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …

Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise