Neowin News Feed for: Zero-day

Apple fixes two zero-day vulnerabilities used to spy on its customers

David Uzondu — Thu, 17 Apr 2025 07:16:01 +0000

Two zero-day exploits were used in targeted attacks on iOS users. Apple has now patched both with a quiet security update. Read more...

Malwarebytes Anti-Exploit 1.13.1.568 Beta

Razvan Serea — Fri, 27 Oct 2023 17:06:01 +0000

Malwarebytes Anti-Exploit protects against all known and unknown 0-day vulnerability exploits, protecting users where traditional antivirus and security products fail. Read more...

Apple releases urgent zero-day patches for iOS, iPadOS, and macOS

Omer Dursun — Mon, 10 Jul 2023 21:52:01 +0000

Apple issues urgent security patches for zero-day exploits affecting fully-patched iPhones, Macs, and iPads. It is the 10th zero-day flaw addressed in 2023. Here's the detail of the new RSR update. Read more...

New report claims Microsoft had 18 zero-day issues exploited in 2022 by hacker groups

John Callaham — Tue, 21 Mar 2023 12:48:01 +0000

The security firm Mandiant says Microsoft, Google, and Apple had most of the 55 zero-day issues that were exploited by hackers in 2022. The number is lower than 2021, but still higher than most years. Read more...

Google found 18 zero-day issues with Samsung's Exynos modems that could affect many phones

John Callaham — Fri, 17 Mar 2023 15:50:02 +0000

The issues affect a large number of smartphones from Samsung, Vivo and even from Google's Pixel phones, and could allow hackers to "remotely compromise a phone" with no interaction from the owner. Read more...

Microsoft stopped an Austrian firm selling spyware enabling unauthorized surveillance

Alap Naik Desai — Wed, 27 Jul 2022 23:00:02 +0000

Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched. Read more...

"DogWalk", another Microsoft-ignored MSDT vulnerability like Follina gets unofficial patch

Sayan Sen — Wed, 08 Jun 2022 09:02:01 +0000

Following the recent Follina security vulnerability, another Microsoft Support Diagnostic Tool (MSDT) bug has been found called "DogWalk". This one too has been ignored by Microsoft at first glance. Read more...

Protocol vulnerability allows launching malicious Windows Search by just opening Word file

Taras Buria — Thu, 02 Jun 2022 06:54:02 +0000

A newly discovered zero-day vulnerability in modern Windows versions allows bad actors to launch a Windows Search window and connect to infected directories using a single Word file. Read more...

'Alien' spyware is loading Predator malware on Android devices, warns Google

Alap Naik Desai — Mon, 23 May 2022 16:00:01 +0000

Sophisticated "Alien" spyware is targeting Android users to download "Predator" malware, which can record audio, hide apps, and perform several more nefarious activities. Google has sent out patches. Read more...

Windows 11 and Teams got hacked several times during the first day of Pwn2Own 2022

Taras Buria — Thu, 19 May 2022 13:38:01 +0000

During the first day of Pwn2Own Vancouver 2022, participants demonstrated various zero-day exploits and security loopholes in popular Microsoft products, such as Windows 11 and Teams. Read more...

Microsoft Windows under attack from Hafnium group's 'Tarrask' malware

Alap Naik Desai — Wed, 13 Apr 2022 00:26:01 +0000

The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities. Read more...

After multiple Patch Tuesday fails, unofficial fix for an old Windows vulnerability released

Sayan Sen — Mon, 21 Mar 2022 19:52:01 +0000

An unofficial patch for a Windows LPE security vulnerability under "CVE-2021-34484" is out, one that was supposedly fixed by Microsoft via its Patch Tuesday updates twice, but apparently not. Read more...

Mozilla Firefox receives out of band update to patch two critical security exploits

Alap Naik Desai — Sat, 05 Mar 2022 23:00:02 +0000

Mozilla has released Firefox v97.0.2. It's an out-of-band security update to patch two "Critical" security flaws that are being exploited in the wild. These 0-Days rely on the 'Use-after-free' bug. Read more...

Google is rolling out emergency fix for Chrome to patch attack exploit

Steven Parker — Tue, 14 Dec 2021 11:38:01 +0000

Thanks to an as yet undisclosed critical vulnerability in Chrome 96, confirmed to be actively being exploited in the wild, Google is rolling out an update to Chrome 96, which y'all should update to. Read more...

Microsoft Weekly: Windows 11 builds, new zero-day vulnerability, and gaming news

Abhay V — Sat, 11 Sep 2021 23:00:01 +0000

This week in Microsoft news, there are new Windows 11 builds for Beta and Dev channels, security patches and zero-day bugs, Halo Infinite's next multiplayer preview news, and much more. Read more...

Microsoft acknowledges Windows zero-day that leverages Office files for attacks

Abhay V — Wed, 08 Sep 2021 16:14:01 +0000

Microsoft has acknowledged that it is investigating a Windows zero-day vulnerability that is currently being exploited in the wild. The firm has provided a workaround that involves AcitveX controls. Read more...

On-premises Exchange servers are under attack from a state-sponsored group

Usama Jawad — Wed, 03 Mar 2021 13:04:01 +0000

Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat. Read more...

Google discloses a zero-day vulnerability in Windows, currently exploited in the wild

Abhay V — Fri, 30 Oct 2020 20:32:01 +0000

Google's Project Zero team has disclosed a zero-day vulnerability in Windows that enables elevated code execution that is currently being exploited. Microsoft is expected to patch the bug next month. Read more...

Mozilla pushes Firefox 74.0.1 fixing two zero-day exploits

Paul Hill — Sat, 04 Apr 2020 17:16:01 +0000

Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems. Read more...

Google patches Chrome zero-day vulnerability currently being exploited

Abhay V — Tue, 25 Feb 2020 21:26:01 +0000

Google has patched three security bugs on Chrome, one of which is a zero-day vulnerability that is currently being exploited in the wild. The update is out for Windows, Mac, and Linux users. Read more...

Mozilla has pushed patches for Firefox and Firefox ESR to address a zero-day flaw

Paul Hill — Fri, 10 Jan 2020 04:30:01 +0000

Mozilla has released a patch for Firefox and Firefox ESR. It fixes a zero-day flaw in the IonMonkey JavaScript JIT compiler that is already being exploited in the wild to attack systems. Read more...

Valve fixes zero-day exploit for Steam in latest beta

Muhammad Jarir Kanji — Sat, 10 Aug 2019 06:28:01 +0000

Valve has now begun fixing a zero-day exploit in Steam that could result in an escalation of privilege attack, after public criticism from the researcher who found it made headlines. Read more...

New Windows 10 zero-day gets published to Github by SandboxEscaper

Paul Hill — Wed, 22 May 2019 12:46:02 +0000

A new Windows 10 zero-day has surfaced on Github. The vulnerability, which Microsoft isn't believed to have been forewarned about, was released by SandboxEscaper who has previously released zero-days. Read more...

Malwarebytes Anti-Exploit 1.13.1.63 Beta

Razvan Serea — Tue, 23 Apr 2019 07:42:01 +0000

Malwarebytes Anti-Exploit protects against all known and unknown 0-day vulnerability exploits, protecting users where traditional antivirus and security products fail. Read more...

OSArmor 1.4.3

Razvan Serea — Mon, 25 Mar 2019 21:16:01 +0000