This November, Microsoft released monthly security patches covering total 63 vulnerabilities, with 12 of them rated critical, 47 are rated Important, one is rated Moderate and three are Low in Severity. These vulnerabilities impact Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Core, Skype for Business, […]

Read More →

A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Read More →

  Five hours! Five hours! That’s how long it took for hackers to exploit Drupal vulnerability (CVE-2018-7602) after the patches were released. This time, instead of releasing the patches straight away, Drupal dropped a PSA(Public Service Announcement) approximately two days before releasing the updates to get the website owners and developers ready to patch out […]

Read More →

  More than a million active websites use Drupal, making it the second most used content management system worldwide after WordPress. On March 28, 2018, Drupal released security patches for versions 6 to 8 suggesting to update immediately and marking the underlying vulnerability (CVE-2018-7600) as critical with remote code execution. The scanning and attacks on […]

Read More →

Start of this new year, Meltdown and Spectre kept us busy. Today Microsoft released regular patches fixing a total of 23 vulnerabilities. Among these Microsoft rated one CVE as Critical, 20 as Important, one as Moderate and last one as Low. Microsoft also released 2 advisories for Adobe and Microsoft Office. Out of these 23 […]

Read More →

Adobe has released four security updates for Adobe Flash Player (APSB17-23), Adobe Experience Manager (APSB17-26), Adobe Acrobat and Reader (APSB17-24) and Adobe Digital Editions (APSB17-27) which covers a total of 80 CVE’s. Adobe Flash Player address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could […]

Read More →