Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded systems. A set of 19 critical and high-severity security vulnerabilities have been discovered by Israeli security research firm JSOF in a low-level TCP/IP software library developed by Treck. Dubbed “Ripple20“, affecting hundreds of millions of internet of things (IoT) and industrial control devices. If […]
Read More →Microsoft has released April Patch Tuesday security updates, addressing a total of 113 vulnerabilities in the family of Windows operating systems and related products. Out of these, 19 are classified as Critical and 94 as Important which includes Microsoft Office Services and Web Apps, Internet Explorer, Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), Microsoft Apps […]
Read More →Microsoft publicizes November Patch Tuesday security updates today, fixing 74 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and related products. Out of these, 13 are classified as “Critical” and 61 as “Important”. Amongst the 13 Critical vulnerabilities, there is one vulnerability in Internet Explorer which is under the radar of […]
Read More →Microsoft released its Patch Tuesday security updates today, revised 80 common vulnerabilities and exposures (CVEs) in the family of Windows operating systems and other products. Out of these 17 are classified as “Critical“, 61 as “Important”, and 1 as “Moderate“. While most of the “Critical” rated vulnerabilities influence the scripting engines and browsers in an […]
Read More →A Zero-day vulnerability has been discovered in Internet Explorer that can allow attackers to steal files from the Windows systems. The vulnerability resides in the way Internet Explorer processes MHT(MIME HTML web archive) files and can be easily exploited by tricking users into opening a specially crafted MHT file. MHT is a Web page archive […]
Read More →This valentine’s day Microsoft released security patches addressing a total of 50 security vulnerabilities in various Microsoft products along with additional patches for the Meltdown and Spectre vulnerabilities (ADV180002), as a part of regulr patch tuesday. Among these 14 rated as Critical, 34 rated as Important and 2 rated as Moderate. These vulnerabilities impact Outlook, Edge, […]
Read More →A new critical Adobe Flash Player zero-day vulnerability has been reported in the wild. The vulnerability identified as CVE-2018-4878 is currently believed to be actively being exploited against South Koreans. According to the South Korean Computer Emergency Response Team which discovered the zero-day, the zero-day is believed to be a Flash SWF file embedded in MS Word documents. An attacker just […]
Read More →Two new critical vulnerabilities have been discovered affecting every processor since 1995, which allow malicious programs to steal information from other programs memory. These vulnerabilities are named as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Meltdown and Spectre vulnerabilities affect all processors since 1995 including AMD, ARM, and Intel. These vulnerabilities allow an attacker to access […]
Read More →Microsoft September 2017 Patch Tuesday released total of 94 individual security updates addressing total of 84 CVE’s, in addition to the 2 vulnerabilities for Adobe Flash Player. Among these, 27 are rated as Critical, 54 are rated as Important, and 2 are rated as moderate. September Security Update includes patches for 39 vulnerabilities leading to RCE […]
Read More →WannaCry (also known as Wana Decrypt0r 2.0, Wannacryptor, WannaCrypt, wana Decryptor) ransomware disrupts 2-3 millions of devices around 150 countries, taking important files as a hostage and demanding a ransom of $600 worth of bitcoins. The ransomware is found to be using the old SMB vulnerability (MS17-010 released in April 2017) to spread across devices. There was no second doubt […]
Read More →