_medium.jpg)
Microsoft Defender, AVG, Avast, and more, were found vulnerable to a new zero-day security exploit through which harmless files, even system files, could be deleted using the anti-virus.
Local privilege escalation RSS
_medium.jpg)
Several popular Lenovo consumer models, including IdeaPad, Legion, and more, have been found to be vulnerable to UEFI firmware security bugs. The vulnerabilities can lead to privilege of escalation.
An unofficial patch for a Windows LPE security vulnerability under "CVE-2021-34484" is out, one that was supposedly fixed by Microsoft via its Patch Tuesday updates twice, but apparently not.
ESET has released updated builds for a whole bunch of its products on Windows. These updated product builds fix a local privilege escalation (LPE) vulnerability that the firm learned about last year.
An LPE security vulnerability under the ID CVE-2021-4034 was found by Linux security researchers at Qualys. The bug has been present for 12+ years and almost every major Linux distro is vulnerable.
Intel has published an updated security advisory for a couple of new LPE bugs that were discovered. A lot of the newer CPUs, except Alder Lake, are vulnerable too. Firmware patches are rolling out.
Despite claims to the contrary, Microsoft says that its PrintNightmare patch works as intended. It states that security researchers who are calling it ineffective are using insecure configurations.
A new Windows 10 zero-day has surfaced on Github. The vulnerability, which Microsoft isn't believed to have been forewarned about, was released by SandboxEscaper who has previously released zero-days.
