#microsoft

Ubuntu Security Notice 5467-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice 5466-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

The creation of a foul-mouthed chat bot called GPT-4chan re-triggered the discussion about how we want to use and regulate AI and ML. The post Awful 4chan chat bot spouts racial slurs and antisemitic abuse appeared first on Malwarebytes Labs.

An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild. The issue — referenced as DogWalk — relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code.

It's called pre-hijacking, and it's a new class of attack against online accounts. The post Hackers can take over accounts you haven’t even created yet appeared first on Malwarebytes Labs.

Apple’s iOS 16 and macOS Ventura will introduce passwordless login for apps and websites. It’s only the beginning.

Apple’s iOS 16 and macOS Ventura will introduce passwordless login for apps and websites. It’s only the beginning.

Apple's published some numbers about the number of apps blocked from getting into the App store, along with other security news from the WWDC The post Rotten apples banned from the App store appeared first on Malwarebytes Labs.

The backbone of the web has received a major upgrade