News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tags: patch

Microsoft Word with critical 9.8 vulnerability
March 8, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Every Word user should check whether their Word has already been updated by Microsoft. CVE-2023-21716 describes a critical vulnerability with a severity level of 9.8 out of 10 according to CVSS 3.1. Checking the version is quite simple. Incidentally, Microsoft released a Word vulnerability with a severity level of 9.8 out of 10 according to CVSS 3.1. This critical vulnerability allows opening a manipulated Rich Text Format (.rtf) document to allow malicious code injection. Although Microsoft describes the danger of the vulnerability on its website, it does not provide any further information. This information can be found at…

Read more

Chrome: New patches for security vulnerabilities
26 January 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

All Chrome users should take the time to update to version 109.0.5414.119 /.120. With the update, Google closes 4 security gaps, 2 of which are considered highly dangerous. An update is done quickly. A user and experts have found new vulnerabilities in Chrome and reported them to Google. There they reacted immediately and incorporated the patches into a new version. The official or stable build is 109.0.5414.119 /.120 for Windows, for Mac and Linux Mac and Linux to 109.0.5414.119. Two Serious Vulnerabilities While the first vulnerability was found in the WebTransport (CVE-2023-0471) of the client-server transfer engine…

Read more

Microsoft patches gaps according to NSA information
16 January 2023
| No comments
| Short news
Tenable news

Microsoft's Patchday release this month includes fixes for 98 CVEs, 11 of which are rated Critical and 87 are Major. In addition, Microsoft closes two zero-day vulnerabilities. A lot of information came from the American National Security Agency - NSA. Microsoft says this bug has already been exploited in practice as a zero day: CVE-2023-21674 is an elevation-of-privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) that simplifies interprocess communication for Windows operating system components. Serious zero-day vulnerability Although no details about the flaw were available at the time Microsoft published the advisory on Patch Tuesday, it seems…

Read more

Defense against container-based zero-day attacks
9 January 2023
| No comments
| PR News
Defense against container-based zero-day attacks

A new cloud-native security solution can stop zero-day attacks and shield critical production vulnerabilities until a patch can be applied. Aqua Security introduces the eBPF Lightning Enforcer. Powered by new eBPF technology, Lightning Enforcer provides full visibility into running workloads, making it easy for security professionals to identify and stop even advanced attacks in real time. Shift Left is an important factor in preventing vulnerabilities, misconfigurations, and software supply chain threats from entering production environments. However, sometimes this security approach is not enough. This has led to a…

Read more

Indispensable: patch automation for endpoints
24 December 2022
| No comments
| PR News
Essential: Patch automation for endpoints

Patching endpoints is one of the most important, but also one of the most time-consuming activities of IT departments. Automation solutions reduce the effort considerably, but not every tool delivers what it promises. Five features that provide real relief. Patching often feels like Sisyphean work for IT departments, especially updating third-party applications. There are usually a few dozen of these in the company, which causes a veritable flood of patches. Each one has to be tested on different systems and then gradually rolled out to thousands of computers - without patch automation, that's...

Read more

Exchange Server: many vulnerable via ProxyShell vulnerability
13 May 2022
| No comments
| Short news
Tenable news

Although there are already patches for the ProxyShell vulnerability on Microsoft Exchange, these are not being used. This makes it easy for cybercriminals to further exploit the vulnerabilities and attack the systems. A comment from Tenable. Recent reports show that a Hive ransomware strain is targeting many Microsoft Exchange Servers through the ProxyShell vulnerabilities. Claire Tills, Senior Research Engineer, Tenable, comments on why this is still possible. Patches could close vulnerability “Attackers continue to exploit the ProxyShell vulnerabilities, which were first disclosed more than eight months ago. They have proven to be a reliable source for attackers since their disclosure,…

Read more

Analysis of Patch Tuesday in October
19 October 2021
| No comments
| Short news
ivanti news

October is all about European Cyber ​​Security Month, according to the Ivanti analysis of Patch Tuesday. This is a good time for companies to review their own security strategy: To what extent are the IT and IT security teams able to concentrate on the most important aspects of general cyber hygiene. The weak point management always plays a special role. For 18 years now, Microsoft has been bundling the release of new patches on Patch Tuesday and helping companies to consolidate tests and maintenance windows and to fix security gaps in common software in a more predictable manner. Patching: other requirements for ...

Read more

Microsoft updates: September Patch Tuesday
September 16, 2020
| No comments
| PR News
Network patch cables

Ivanti will inform you about September Patch Tuesday with important Microsoft updates and give update recommendations for Windows operating systems and browsers, Exchange Server and SharePoint Server. Microsoft fixed 129 Common Vulnerabilities and Exposures (CVEs) on Patch Tuesday in September. Even if there are no exploited or publicly disclosed vulnerabilities this month, 23 CVEs are classified as critical. Most critical CVEs affect the Windows operating system and browsers. There are also seven critical CVEs on SharePoint this month. Critical security gaps in Microsoft SharePoint and Google Chrome Also ...

Read more

© 2024 MedPressIT GbR
Cookie Settings