Start of this new year, Meltdown and Spectre kept us busy. Today Microsoft released regular patches fixing a total of 23 vulnerabilities. Among these Microsoft rated one CVE as Critical, 20 as Important, one as Moderate and last one as Low. Microsoft also released 2 advisories for Adobe and Microsoft Office. Out of these 23 […]

Read More →

Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel. These vulnerabilities allow an attacker to access […]

Read More →

Foxit reader is prone to two remote code execution zero day vulnerabilities, which are found by Steven Seeley (mr_me) and Ariele Caltabiano (kimiya). Both vulnerabilities are due to the lack of proper validation of user-supplied data, which can lead to writing arbitrary files into attacker controlled locations and also launching of any executable files. User interaction is […]

Read More →

Adobe has released four security updates for Adobe Flash Player (APSB17-23), Adobe Experience Manager (APSB17-26), Adobe Acrobat and Reader (APSB17-24) and Adobe Digital Editions (APSB17-27) which covers a total of 80 CVE’s. Adobe Flash Player address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could […]

Read More →

Microsoft July 2017 Patch Tuesday addresses 51 security vulnerabilities in addition to 3 vulnerabilities for Adobe Flash Player. 19 vulnerabilities are rated as Critical, 32 are rated as Important and 3 are rated as Moderate. 12 Critical vulnerabilities affect Microsoft Scripting Engine which can result in Remote Code Execution. The other critical vulnerabilities affect Internet Explorer, Edge, and Windows. […]

Read More →

Microsoft June 2017 Patch Tuesday addressing 97 security vulnerabilities including fixing two critical vulnerabilities Windows Search Remote Code Execution (CVE-2017-8543) and LNK Remote Code Execution (CVE-2017-8464), are being actively exploited in the wild. The most dangerous vulnerability exists in Windows Search Service (WSS), a feature in Windows that allows users to search across multiple Windows […]

Read More →