fixes
-
Blog
September’s Patch Tuesday update fixes 4 zero-days – Computerworld
Windows Update and Installer. Windows Hyper-V. Windows Kernel and Graphics (GDI). Microsoft MSHTML and Mark of the Web. Remote Desktop (RDP) and TCP/IP subsystems. The real concern is that three of these vulnerabilities (CVE-2024-38014, CVE-2024-38217, CVE-2024-43491 have been reported as exploited. In addition, another reported vulnerability in the Windows HTML subsystem (CVE-2024-38217) has been reported as publicly disclosed. Given these four zero-days,…
Read More » -
Blog
GitHub comments abused to push password stealing malware masked as fixes
GitHub is being abused to distribute the Lumma Stealer information-stealing malware as fake fixes posted in project comments. The campaign was first reported by a contributor to the teloxide rust library, who noted on Reddit that they received five different comments in their GitHub issues that pretended to be fixes but were instead pushing malware. Further review by BleepingComputer found thousands of…
Read More » -
Blog
Windows 10 KB5041582 update released with 5 changes and fixes
Microsoft has released the August 2024 preview update for Windows 10, version 22H2, with fixes for issues causing system freezes and memory leaks. Today’s KB5041582 optional cumulative update is a maintenance release that enables Windows administrators to test fixes and improvements and ensure a more reliable experience for end users when rolling out security updates via the mandatory September 2024 Patch…
Read More » -
Blog
Versa fixes Director zero-day vulnerability exploited in attacks
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. Versa Director is a platform designed to help managed service providers simplify the design, automation, and delivery of SASE services, offering essential management, monitoring, and orchestration for Versa SASE’s networking…
Read More » -
Blog
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. Web Help Desk (WHD) is an IT help desk software widely used by government agencies, large corporations, and healthcare and education organizations to automate and streamline help desk management tasks. SolarWinds’ IT management products are used by over 300,000…
Read More » -
Blog
New Windows 10 22H2 beta fixes memory leaks and crashes
Microsoft has released a new Windows 10 22H2 beta (KB5041582) with memory leak and crash fixes for Insiders in the Beta and Release Preview channels. The company says the KB5041582 update fixes an issue causing some apps to stop because of a memory leak in a Bluetooth device and an Input Method Editor (IME) memory leak occurring when closing combo…
Read More » -
Blog
Google fixes ninth Chrome zero-day exploited in attacks this year
Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability tagged as exploited attacks. “Google is aware that an exploit for CVE-2024-7971 exists in the wild,” the company said in an advisory published on Wednesday. This high-severity zero-day vulnerability is caused by a type confusion weakness in Chrome’s V8 JavaScript engine. Security researchers with the Microsoft…
Read More » -
Blog
Nomad’s updated Stand One Max charger fixes an annoying design flaw
Nomad is course-correcting from a small design blunder last year on its three-in-one MagSafe charging stand. Like its predecessor, the new Stand One Max for 2024 is a wireless multi-charger for a compatible iPhone, Apple Watch, and set of AirPods. However, now you can charge all of those devices with your phone in landscape orientation, allowing you to use Apple’s…
Read More » -
Blog
Keeping up with the latest fixes – Computerworld
This month’s Patch Tuesday highlights three critical zero-day vulnerabilities affecting Windows PCs and requiring immediate patching — that is, identified as “patch now.” Some updates like those to Office and Edge browsers follow standard release schedules, but be aware of a critical update for SharePoint Server. Developers need to aware o a late addition to the update cycle affecting the…
Read More »