Tag
#windows
Hacker Samy Kamkar is debuting his own open source version of a laser microphone—a spy tool that can invisibly pick up the sounds inside your home through a window, and even the text you’re typing.
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the operating system files with older versions. The vulnerabilities are listed below - CVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability CVE-2024-21302
The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.
A researcher found a vulnerability that would let hackers strategically downgrade a target’s Windows version to reexpose patched vulnerabilities. Microsoft is working on fixes for the issue.
WordPress PayPlus Payment Gateway plugin versions prior to 6.6.9 suffer from a remote SQL injection vulnerability.
Red Hat Security Advisory 2024-5025-03 - Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.
E-Commerce Site using PHP PDO version 1.0 suffers from a directory traversal vulnerability.
Covid-19 Directory on Vaccination System version 1.0 suffers from an ignored default credential vulnerability.
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable
**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** The attacker must have permissions to access the target's System directory to plant the malicious folder that would be used as part of the exploitation.