Google has released an emergency security update, which fixes a new Chrome zero-day security vulnerability. The new firmware is rolling out to users in the Stable and Extended stable channel.
Windows 11 build 23545 fixes a number of File Explorer bugs and more
windows 11 insider preview
Zero-day vulnerability RSS
One of the researchers who found that Google Pixel's snipping tool, Markup, didn't completely delete data in cropped images has found a similar flaw in Microsoft's snipping tools in Windows 10 and 11.
The security firm Mandiant says Microsoft, Google, and Apple had most of the 55 zero-day issues that were exploited by hackers in 2022. The number is lower than 2021, but still higher than most years.
The Outlook zero-day exploit was reportedly being used by a Russian-based hacking group to enter a number of European government and military organizations, but that exploit has now been fixed.
Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched.
The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities.
An unofficial patch for a Windows LPE security vulnerability under "CVE-2021-34484" is out, one that was supposedly fixed by Microsoft via its Patch Tuesday updates twice, but apparently not.
A new Local Privilege Escalation bug affecting all prevalent versions of Windows OS has received unofficial patches from 0Patch after Microsoft refused to fix the NTLM authenticating protocol.
Thanks to an as yet undisclosed critical vulnerability in Chrome 96, confirmed to be actively being exploited in the wild, Google is rolling out an update to Chrome 96, which y'all should update to.
This week in Microsoft news, there are new Windows 11 builds for Beta and Dev channels, security patches and zero-day bugs, Halo Infinite's next multiplayer preview news, and much more.
Microsoft has acknowledged that it is investigating a Windows zero-day vulnerability that is currently being exploited in the wild. The firm has provided a workaround that involves AcitveX controls.
Security researchers are reporting that Microsoft's fix for the PrintNightmare vulnerability that rolled out to most Windows versions is ineffective, and can let attackers completely bypass it.
Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat.
Google's Project Zero team has disclosed a zero-day vulnerability in Windows that enables elevated code execution that is currently being exploited. Microsoft is expected to patch the bug next month.
Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems.
Google has patched three security bugs on Chrome, one of which is a zero-day vulnerability that is currently being exploited in the wild. The update is out for Windows, Mac, and Linux users.
Vulnerability Lab Security researcher Benjamin Kunz Mejri has revealed a now-fixed zero-day flaw in the Microsoft's service that allowed an attacker to remotely crash the application.
Samsung's Tizen operating system has been found to be riddled with security vulnerabilities that allow for remote-code execution, and for the delivery of malicious code via the OS' app store.
The DoubleAgent attack abuses Microsoft's Application Verifier tool to take full control over your antivirus, a research team from Cybellum has found, by exploiting a new Zero-Day vulnerability.