bug
-
Blog
Microsoft fixes Windows Server 2022 bug breaking device boot
Microsoft has fixed a bug that was causing some Windows Server 2022 systems with two or more NUMA nodes to fail to start up. NUMA (short for non-uniform memory access) is a computer memory architecture in which multiple processors are connected to the same shared memory pool via high-speed interconnections to control performance bottlenecks. This design is extensively used in…
Read More » -
Blog
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01, after being added to CISA’s Known Exploited Vulnerabilities catalog, U.S. federal agencies must secure their networks against ongoing attacks targeting the flaw within three weeks by February 3.…
Read More » -
Blog
macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. System Integrity Protection (SIP), or ‘rootless,’ is a macOS security feature that prevents malicious software from altering specific folders and files by limiting the root user account’s powers in protected areas. SIP allows only Apple-signed…
Read More » -
Blog
Microsoft fixes OneDrive bug causing macOS app freezes
Microsoft has fixed a known issue causing macOS applications to freeze when opening or saving files in OneDrive. As Redmond explained when it first acknowledged the bug in November, it affects only systems running the company’s latest operating system release, macOS 15 Sequoia. “Opening or saving files within Desktop or Documents folders can cause the file’s app to freeze. This…
Read More » -
Blog
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” In an email sent to SonicWall customers and shared on Reddit, the firewall vendor says the patches are available as of yesterday, and all impacted customers should install them immediately to prevent exploitation.…
Read More » -
Blog
Windows 11 Media Update Bug Stops Security Updates
Admins, take caution if you use physical media to install Windows security updates, Microsoft warned on Dec. 24. Installing the October or November 2024 updates for Windows 11, version 24H2 using a CD or a USB flash drive could prevent the operating system from accepting future security updates. How to prevent Windows 11 version 24H2 from locking up security updates…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/24038601/acastro_STK109_microsoft_02.jpg)
A weird Windows 11 bug won’t let some people install any security updates
When using media to install Windows 11, version 24H2, the device might remain in a state where it cannot accept further Windows security updates. This occurs only when the media is created to include the October 2024, or November 2024, security updates as part of the installation (these updates were released between October 8, 2024 and November 12, 2024). Source…
Read More » -
Blog
Windows 11 installation media bug causes security update failures
Microsoft is warning of an issue when using a media support to install Windows 11, version 24H2, that causes the operating system to not accept further security updates. The problem occurs when using CD and USB flash drives to install Windows 11 version with security updates released between October 8 and November 12. “When using media to install Windows 11, version 24H2,…
Read More » -
Blog
Microsoft fixes bug behind random Office 365 deactivation errors
Microsoft has rolled out a fix for a known issue that causes random “Product Deactivated” errors for customers using Microsoft 365 Office apps. User reports on Microsoft’s community website, Reddit, and other online platforms show that affected users receive “Product Deactivated” warnings in Office apps. As the company explained when it acknowledged the bug on Thursday, the errors are triggered by…
Read More » -
Blog
Adobe warns of critical ColdFusion bug with PoC exploit code
Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released on Monday, the company says the flaw (tracked as CVE-2024-53961) is caused by a path traversal weakness that impacts Adobe ColdFusion versions 2023 and 2021 and can enable attackers to read arbitrary files on vulnerable servers. “Adobe is aware that CVE-2024-53961…
Read More »