June 13, 2024 at 01:39PM Google’s latest Pixel update includes patches for 50 security vulnerabilities, with one already being exploited as a zero-day attack. GrapheneOS confirms the exploit and mentions forensics companies targeting users with certain apps. The update aims to address this and other issues, but requires manual installation. Additionally, Arm has flagged a … Read more
June 7, 2024 at 02:23PM SolarWinds released version 2024.2 with new features, upgrades, and security patches. This includes fixing high-severity SWQL injection bug (CVE-2024-28996), reported by a NATO-affiliated penetration tester. Other flaws fixed are a high-severity cross-site scripting flaw (CVE-2024-29004) and a medium-severity race condition vulnerability. The update also enhances map functionality and overall stability. … Read more
May 15, 2024 at 04:24AM In May 2024, Microsoft’s Patch Tuesday updates addressed 61 security flaws, including two zero-days actively exploited. A Critical flaw in the Windows MSHTML Platform and an Important one in the Desktop Window Manager were exploited in attacks. The vulnerabilities require urgent fixes to prevent widespread exploitation. Other vendors have also … Read more
May 14, 2024 at 04:11AM Google has released emergency security updates for its Chrome browser, addressing a high-severity zero-day vulnerability exploited in attacks. This comes after fixing another zero-day vulnerability just three days earlier. The latest bug, CVE-2024-4761, affects Chrome’s V8 JavaScript engine and allows out-of-bounds write issues, the sixth zero-day bug fixed in 2024. … Read more
May 13, 2024 at 01:45PM Apple released updates addressing CVE-2024-27789 and CVE-2024-23296. The first fix is for a logic issue which allowed app access to user data. The second addresses a memory corruption issue that could allow an attacker to bypass kernel memory protections. Updates are available for several iPhone and iPad models. It appears … Read more
May 13, 2024 at 01:45PM Apple released security updates for multiple vulnerabilities in its products, such as AppleAVD, AppleMobileFileIntegrity, Maps, RemoteViewServices, and WebKit. These updates mitigate issues like arbitrary code execution, unauthorized data access, and bypassing pointer authentication. Users of Apple TV HD and Apple TV 4K should install the available updates to safeguard their … Read more
May 13, 2024 at 01:45PM Summary: Several security vulnerabilities (CVE-2024-27804, 27816, 27810, 27821, 27834) have been addressed in Apple products, including AppleAVD, AppleMobileFileIntegrity, Maps, RemoteViewServices, Shortcuts, and WebKit. The updates are available for Apple Watch Series 4 and later, addressing issues related to arbitrary code execution, user data access, sensitive location information, and Pointer Authentication … Read more
May 13, 2024 at 01:45PM Summary: Apple released updates for macOS Ventura to address logic and memory corruption issues, impacting Foundation, Login Window, and RTKit. The vulnerabilities could lead to unauthorized data access and bypassing of kernel memory protections. The updates aim to improve checks, state management, and validation to mitigate potential risks. From the … Read more
April 24, 2024 at 09:15AM Google released Chrome 124 update addressing four vulnerabilities, including a critical security hole, identified as CVE-2024-4058, allowing potential arbitrary code execution or sandbox escapes. Two members of Qrious Secure reported it and received a $16,000 bounty. The update also addresses two high-severity vulnerabilities, but no mention of CVE-2024-4058 being exploited … Read more
April 3, 2024 at 06:24AM Google released patches for 28 Android vulnerabilities and 25 Pixel device bugs, including two actively exploited issues (CVE-2024-29745 and CVE-2024-29748). Notable among the flaws is CVE-2024-23704, a high-severity vulnerability in the System component. The update also addressed security issues in Qualcomm and MediaTek components and resolved bugs in Android Automotive … Read more