Microsoft and its updates are of utmost interest for the security community during the second Tuesday of every month, the Patch Tuesday. However, Microsoft has filled the headlines of the fourth Tuesday too with important information about two critical unpatched zero-days in Microsoft Windows operating systems. A critical advisory has been released by Microsoft, urging […]
Read More →Microsoft has released March Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 26 are classified as Critical and 86 as Important which includes Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Exchange Server, Azure […]
Read More →A critical 17-year-old remote code execution bug was discovered in pppd (Point to Point Protocol Daemon). PPPD is used to manage network connections between two nodes on Unix-like operating systems and is responsible for managing PPP session establishment and session termination. The vulnerability, tracked as CVE-2020-8597, is a flaw in the Extensible Authentication Protocol (EAP) […]
Read More →Microsoft rightly predicted that systems vulnerable to CVE-2020-0688, could be an attractive target for attackers and that this vulnerability could soon be included in upcoming attacks. Standing true to that, attackers have now started scanning the Internet for Microsoft Exchange Servers vulnerable to a Remote Code Execution flaw(CVE-2020-0688). This vulnerability received a patch during the […]
Read More →Microsoft has released February Patch Tuesday security updates, addressing total 101 vulnerabilities in the family of Windows operating systems and related products. Out of these, 13 are classified as Critical and 88 as Important which includes Office Services and Web Apps, Internet Explorer, Edge, Microsoft Exchange Server, Malicious Software Removal Tool, and Surface Hub. The […]
Read More →Researchers have discovered a critical remote code execution bug in OpenSMTPD email server. This flaw in OpenSMTPD, OpenBSD‘s mail server, is known to be exploitable since May 2018. The vulnerability, tracked as CVE-2020-7247, is exploitable both locally and remotely. OpenSMTPD is a Unix daemon which implements the Simple Mail Transfer Protocol to deliver messages on […]
Read More →