New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating …
Malware opens RDP backdoor into Windows systems
A new version of the Sarwent malware can open the Remote Desktop Protocol (RDP) port on target Windows computers to make sure that crooks can find their way back into the …
Windows 10 users get protection against PUAs
Windows 10 users who upgrade to v2004 will finally be able to switch on a longstanding Windows Defender feature that protects users against potentially unwanted applications …
Fear the PrintDemon? Upgrade Windows to patch easily exploited flaw
Among the vulnerabilities patched by Microsoft on May 2020 Patch Tuesday is CVE-2020-1048, a “lowly” privilege escalation vulnerability in the Windows Print …
May 2020 Patch Tuesday: Microsoft fixes 111 flaws, Adobe 36
For the May 2020 Patch Tuesday, Microsoft has fixed 111 CVE-numbered flaws and Adobe 36, but none are under active attack. Microsoft’s updates For the third time in the …
May 2020 Patch Tuesday forecast: Time for a break?
It’s been a hectic month for everyone worldwide, but we may get a small break in the action this patch Tuesday. The forecast for May is looking light on updates, which will be …
April 2020 Patch Tuesday: Microsoft fixes three actively exploited vulnerabilities
For the April 2020 Patch Tuesday, Adobe plugs 5 flaws and Microsoft 113, three of which are currently being exploited by attackers. Adobe’s updates On this Patch …
April 2020 Patch Tuesday forecast: Uncertainty reigns, but patching endures through pandemic
I should have reserved the title from last month’s article – Let’s put the madness behind us for this month. Of course, it has a completely different meaning now in the wake …
APT attacks targeting Linux, Windows and Android remained undetected for nearly a decade
Five related APT groups operating in the interest of the Chinese government have systematically targeted Linux servers, Windows systems and mobile devices running Android …
Micropatches block exploitation of Windows zero-days under attack
While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS …
Windows users under attack via two new RCE zero-days
Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems, Microsoft warns. The attacks …
Microsoft releases patch for leaked SMBv3 RCE flaw
After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates). …