Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update

December 12, 2023 at 06:18PM

Microsoft’s December 2023 security update featured fewer vulnerabilities for IT and security teams to address compared to recent months. The update addressed 36 vulnerabilities, including 4 critical ones and 11 likely to be exploited. Despite this, security experts advise vigilance due to potential attack threats posed by certain bugs. This …

Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation

November 14, 2023 at 05:49PM

Microsoft released a November update with 63 bug fixes, including three actively exploited zero-day vulnerabilities. One of the bugs, CVE-2023-36036, allows attackers to acquire system-level privileges through Windows Cloud Files Mini Filter Driver. CVE-2023-36033 provides system-level access through the Windows DWM Core Library, and CVE-2023-36025 allows attackers to bypass Windows …

Oracle Patches 185 Vulnerabilities With October 2023 CPU

October 18, 2023 at 08:48AM

Oracle has released 387 new security patches as part of the October 2023 CPU. Over 40 patches address critical-severity flaws and more than 200 resolve bugs that can be remotely exploited. The patches cover various Oracle products, with Financial Services Applications receiving the most fixes. Oracle advises customers to apply …

Squid games: 35 security holes still unpatched in proxy after 2 years, now public

October 12, 2023 at 08:26PM

35 vulnerabilities in the Squid caching proxy remain unfixed after more than two years, according to the person who reported them. The researcher found 55 flaws in Squid’s source code, but only 20 have been fixed. The remaining vulnerabilities do not have patches or workarounds, and some have not been …

From chaos to cadence: Celebrating two decades of Microsoft’s Patch Tuesday

October 11, 2023 at 09:09AM

Microsoft introduced Patch Tuesday in October 2003, a monthly release of software fixes on the second Tuesday of each month. The change brought predictability and stability for IT administrators, who previously faced chaotic patching processes. The number of patches has increased significantly over the years, and other vendors have joined …

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

October 10, 2023 at 06:06PM

Microsoft’s October Patch Tuesday update addressed two zero-day vulnerabilities that were actively being attacked, affecting Microsoft WordPad and Skype for Business. A critical-rated bug in Message Queuing was also patched. The update included a total of 103 CVEs, with 13 critical-rated vulnerabilities and 20% of the fixes related to Microsoft …