Microsoft has released May Patch Tuesday security updates, addressing a total of 111 vulnerabilities in the family of Windows operating systems and related products. Out of these, 16 are classified as Critical and 95 as Important which includes Microsoft Windows, Edge EdgeHTML-based, Chromium-based, ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services and Web Apps, […]

Read More →

  Mozilla fixed two critical zero-days in its popular web browser, Firefox. Mozilla is aware of active exploitation of these vulnerabilities. There is no specific information about the threat groups or malwares utilizing these vulnerabilities. Firefox Zero-Days As per the advisory, CVE-2020-6819 is a use-after-free vulnerability when running the nsDocShell destructor due to a  race […]

Read More →

Microsoft and its updates are of utmost interest for the security community during the second Tuesday of every month, the Patch Tuesday. However, Microsoft has filled the headlines of the fourth Tuesday too with important information about two critical unpatched zero-days in Microsoft Windows operating systems. A critical advisory has been released by Microsoft, urging […]

Read More →

Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]

Read More →

A critical 17-year-old remote code execution bug was discovered in pppd (Point to Point Protocol Daemon). PPPD is used to manage network connections between two nodes on Unix-like operating systems and is responsible for managing PPP session establishment and session termination. The vulnerability, tracked as CVE-2020-8597, is a flaw in the Extensible Authentication Protocol (EAP) […]

Read More →

Microsoft rightly predicted that systems vulnerable to CVE-2020-0688, could be an attractive target for attackers and that this vulnerability could soon be included in upcoming attacks. Standing true to that, attackers have now started scanning the Internet for Microsoft Exchange Servers vulnerable to a Remote Code Execution flaw(CVE-2020-0688). This vulnerability received a patch during the […]

Read More →