Yesterday's Patch Tuesday saw numerous bug fixes and additions to many of Microsoft's operating systems. However, breaking with tradition, Microsoft released a very small number of security fixes.
Yesterday's Patch Tuesday saw the launch of a new cumulative update for Windows 10, as well as a number of security patches; they fixed critical flaws that were already being exploited in the wild.
A security researcher has found a vulnerability in Google's login pages, which could be manipulated for malware download. However, Google did not consider the issue to be alarming.
The Vine team at Twitter had a domain that allowed anybody - without authentication - to download their images for the Vine webapp. The vulnerability has since been fixed.
Old Intel code still present in UEFI firmware used by many machines has left devices open to attacks. Lenovo admits that the Secure Boot-disabling vulnerability's scope of impact is industry wide.
A security researcher has found an exploit-chain that can be used on Android devices with Qualcomm chips to break into the device's disk encryption. This exposes all of the user's data.
A zero-day vulnerability is being exploited in the wild across all platforms, as Adobe's engineers scramble to put out a patch this week. This is the third such instance in as many months.
A credible zero-day vulnerability is being auctioned off on criminal websites. The exploit can be used on all versions of Windows including 10 and can even supposedly bypass Microsoft's EMET suite.
Microsoft and Adobe are warning users against two zero-day vulnerabilities that are being used in the wild. Microsoft already patched its software with yesterday's Patch Tuesday.
The Lenovo Solution Centre, pre-bundled on almost every Lenovo PC, has been found to have a flaw that could put affected PCs at risk of attack, by allowing elevated privileges on the machine.
A severe vulnerability was recently discovered that affected Apple's OS X and iOS operating systems. It could allow for an attacker to execute arbitrary binaries and even load unsigned kernel code.
Security researcher, Chris Vickery, managed to find a publicly available server which held the details of all US voters. Luckily, public access to the database has now been cut off.
An independent researcher has uncovered a problem with the Android and browser versions of WhatsApp. An attacker can send around 4,000 smileys to their target which causes the victim's app to crash.
Recently, it was discovered that Home Hub 1000 and 2000 series routers supplied by Bell Canada were susceptible to attack via its Wi-Fi interfaces due to a flaw involving WPS.
The latest batch of security patches is now out from Microsoft and a number of them address critical vulnerabilities. As such we recommend you upgrade as soon as possible to keep your machine safe.
Lenovo, Dell and Toshiba have been found to be shipping vulnerable bundleware on their PCs. The software would allow attackers to execute code and commands with system level permissions.
According to a Reddit user, some Dell units come with a pre-installed SSL certificate, eDellRoot, that could cause potential for SSL attacks. This is familiar - a year ago, Lenovo had a similar issue.
A blogger based in Beijing has uncovered a vulnerability on how Microsoft account identifiers are retrieved in plain text; meaning when you visit Outlook.com or Calendar you could be tracked.
A new report claims that a new set of vulnerabilities, dubbed Stagefright 2.0 in the Android OS may be affecting more than a billion users and every device is susceptible to malicious attacks.
A lock screen bypass vulnerability has been discovered in Android version 5.0-5.1.1. The bypass allows an attacker to gain full access to a locked device even when encrypted.
Sony is rolling out new firmware (build 14.6.A.0.368) for some Xperia handsets - and unlike a similar update it pushed out last week, this one includes a fix for the Android Stagefright vulnerability.
It is not uncommon for Microsoft to issue security updates for its products. The latest update patches a vulnerability for Internet Explorer that spans all supported versions.
Researchers have outlined a vulnerability in the way permissions for support apps are installed by most OEMs on their Android devices which can allow for total control of a device.
After Google committed to providing monthly security updates for Nexus devices, Samsung and LG have now said that they will do the same, releasing regular patches for their Android phones and tablets.
A malicious exploit hidden in an advertisement on a Russian site allowed access to Firefox users' files and could upload data to an external server; users are advised to upgrade to new version.
The vulnerability lets an attacker take control of any device running Android 2.2 onwards using multimedia content - but while Google has had a patch since April, 95% of devices remain unprotected.
Adobe has released a security patch for its Flash Player to fix a critical security vulnerability that has apparently been exploited by a Chinese cyber-espionage group for several weeks.
Samsung has issued a statement and will begin rolling out an update for those affected with the Galaxy keyboard vulnerability. The vulnerability is thought to have affected over 600 million devices.
A recently-discovered vulnerability in Apple's Macintosh computers allows hackers to dig deep into your computer undetected and rewrite how your machine works.
In an effort to patch any possible vulnerabilities, United Airlines has launched a program which will reward up to 1 million free miles to anyone who finds a bug or security flaw in their website.
A Russian coder recently found a vulnerability in YouTube which allowed him to delete any video on the service, he also said that he was "tempted to clean up Bieber's channel" following its discovery.
Facebook has paid $12,500 to Laxman Muthiya, an Indian Security researcher for reporting a major vulnerability which could allow hackers to delete all the public photos on the social platform.
Details of another Windows vulnerability have been published by Google before Microsoft was able to release a patch, which can now be more widely exploited by anyone as a result of its disclosure.
The POODLE bug knows no bounds and has even affected the MetroTwit app, and as a result, the developers have decided to issue a hotfix for the retired Twitter client - but this is probably a one-off.
A Copenhagen-based developer has discovered a vulnerability that allows telephone numbers in Safari pages on the iPhone to automatically place calls, to any number including the expensive ones.
Multiple Mediatek-based smartphones, including the Acer Liquid E2, are automatically restarting themselves upon receiving a plain equals sign ("=") in an SMS message. However the fix is fairly simple.
Microsoft has updated the Malware Protection Engine found in many of its security programs such as Windows Defender, Security Essentials and Forefront Security, to patch a serious vulnerability.
WordPress users could be left vulnerable over unsecured networks due to unencrypted cookies when logging in to the website, which means possible exposure of private emails, user settings, and more.
A security vulnerability found in Microsoft Word (which was patched last month) has been used by hackers to target government and educational institutes in Taiwan who failed to update their systems.
A newly-discovered bug in iOS 7 has revealed that any email attachments sent from an iOS 7 device will not properly encrypt, leaving files potentially vulnerable to attacks.
A new report has detailed a serious zero-day security vulnerability called "Heartbleed" affecting the OpenSSL cryptographic library caused due to a programming error and a fix is being worked on.
A backdoor has been discovered affecting the modem of various Samsung devices, allowing remote and indiscriminate read/write/delete access to the device's storage
A new security report from Secunia states that Windows 8 is the most vulnerable Windows OS on the market but it's not all Microsoft's fault, Adobe's Flash player is a big contributor to this issue.
Adobe has issued an immediate update to the Flash player plugin after a report of a serious vulnerability, targeting public policy websites, was published by security researchers at FireEye.
A zero-day vulnerability present in Windows systems, which allowed users to install programs and modify data, was recently used to target over 28 embassies in the Middle Eastern region.
A weakness in the Pinterest social network made it possible for someone to modify a URL and view the email address associated with any account, within minutes. Pinterest claims this to be fixed.
Two supposedly secure email services, Silent Email and Lavabit, closed within a matter of hours of each other, with concerns about government pressure over 'high-profile' users of the services.
Microsoft has disclosed that some Windows systems have been attacked via a critical flaw in the OS's code. The vulnerability was made public back in May by a Google engineer.
Apple has plugged a gap in their App Store security, 6 months after a Google security researcher alerted them to the problem which could allow hackers access to sensitive information.
Oracle's most famous product, Java, has a few more woes to add to its past week after a Polish security firm discovered two more potential weaknesses hackers could use in future attacks.