Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

Chrome users, you have 3 months to say goodbye to Windows 7 and 8.1

Categories: News Tags: Google Chrome Tags: Chrome 110 Tags: Windows 7 Tags: Windows 10 Tags: Windows 11 Tags: Windows 8.1 Tags: Windows Subsystem for Android Tags: WSA Chrome will not be there for you when Microsoft ends its Extended Security Updates program for legacy Windows versions early next year. (Read more...) The post Chrome users, you have 3 months to say goodbye to Windows 7 and 8.1 appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#web#android#mac#windows#google#microsoft#zero_day#chrome
iPhone zero-day. Update your devices now!

Categories: News Tags: iPhone Tags: iPad Tags: Apple Tags: zero day Tags: exploit Tags: bug Tags: threat Tags: CVE-2022-42847 A zero-day bug that affects iPhones and iPads is being exploited in the wild (Read more...) The post iPhone zero-day. Update your devices now! appeared first on Malwarebytes Labs.

Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit

A pair of Microsoft bugs allow cyberattackers to bypass native Windows Internet download security, says former CERT CC researcher who discovered the flaws.

CVE-2022-38435: Adobe Security Bulletin

Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Spyderbat Raises Series A to Deliver Runtime Security Throughout Cloud Native Software Development Environments

Led by NTTVC, the funding enables further development of Cloud Native Intrusion Prevention from the team that invented Network Intrusion Prevention Systems.

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges. Successful exploitation of

Your Microsoft Exchange Server Is a Security Liability

Endless vulnerabilities. Massive hacking campaigns. Slow and technically tough patching. It's time to say goodbye to on-premise Exchange.

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CVE-2022-36957: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

CVE-2022-36958: SolarWinds Trust Center Security Advisories | CVE-2022-36958

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.