Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws

December 10, 2024 at 01:38PM Several Microsoft vulnerabilities were reported, affecting various components such as Microsoft Defender, Edge, Office, SharePoint, and Windows services. Severity levels range from moderate to critical, with numerous remote code execution and elevation of privilege vulnerabilities listed, posing significant security risks to users and systems. ### Meeting Takeaways: CVE Vulnerabilities Overview … Read more

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

September 10, 2024 at 01:37PM Today, Microsoft’s September 2024 Patch Tuesday addresses 79 flaws, including four zero-days. Seven critical vulnerabilities were fixed, with details on each category of flaws provided. Notably, one of the zero-days, CVE-2024-38014, allows attackers to gain SYSTEM privileges. The update also includes vulnerabilities in various Microsoft products and services, along with … Read more

Google backports fix for Pixel EoP flaw to other Android devices

September 4, 2024 at 11:22AM Google has issued the September 2024 Android security updates, addressing 34 vulnerabilities. Notably, CVE-2024-32896, a previously patched elevation of privilege flaw on Pixel devices, has been actively exploited. Based on the meeting notes, it appears that Google has released the September 2024 Android security updates to address 34 vulnerabilities. One … Read more

Android’s September 2024 Update Patches Exploited Vulnerability

September 4, 2024 at 05:36AM Google has released a new set of Android security updates addressing 35 vulnerabilities, including a high-severity local privilege escalation bug. The bug, tracked as CVE-2024-32896, was exploited in attacks and is addressed in the September 2024 Android security bulletin. The updates also resolve other high-severity flaws and issues in Framework … Read more

Google warns of actively exploited Pixel firmware zero-day

June 12, 2024 at 03:13PM Google has released patches for 50 security vulnerabilities affecting its Pixel devices. One flaw, CVE-2024-32896, has been targeted in zero-day attacks and is considered a high-severity issue. The company advises all supported Google devices to accept the 2024-06-05 patch update. Pixel users must go to Settings > Security & privacy … Read more

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

June 12, 2024 at 02:17PM Google released a significant Pixel security update addressing a zero-day vulnerability CVE-2024-32896 exploited in the wild. The update addresses 44 Pixel-specific vulnerabilities, including seven critical bugs. It also fixes issues in Qualcomm components. Additionally, a separate actively exploited Arm Mali GPU Kernel Driver flaw, tagged as CVE-2024-4610, has been highlighted. … Read more

37 Vulnerabilities Patched in Android

June 4, 2024 at 05:06AM Google released the June 2024 Android security updates, addressing a total of 37 vulnerabilities. The first part includes fixes for 19 flaws in the Framework and System components, addressing high-severity issues. The second part covers 18 vulnerabilities in various components. Wear OS and Android Automotive OS updates are also included, … Read more

Cisco Patches High-Severity IOS RX Vulnerabilities 

March 14, 2024 at 09:15AM Cisco announced patches for multiple high-severity vulnerabilities in IOS RX software, addressing DoS and privilege elevation risks. Vulnerabilities include flaws in SSH, line cards with Layer 2 services, and PPPoE termination in ASR 9000 series routers. The fixes are part of the March 2024 IOS RX security advisories bundle, also … Read more

Microsoft Discloses Critical Hyper-V Flaws in Low-Volume Patch Update

March 12, 2024 at 06:13PM Microsoft’s March Patch Tuesday update addresses 60 unique CVEs, with only two rated as “critical”. Both affect Windows Hyper-V: CVE-2024-21407, a remote code execution (RCE) bug, and CVE-2024-21408, a denial-of-service (DoS) vulnerability. The update also includes fixes for 18 RCE and two dozen elevation-of-privilege vulnerabilities, requiring immediate attention. Notably, this … Read more

Android’s March 2024 Update Patches Critical Vulnerabilities

March 6, 2024 at 08:31AM Google released security updates for Android, addressing 38 vulnerabilities including 2 critical flaws in the System component impacting Android 12, 12L, 13, and 14. The flaws could result in remote code execution and elevation of privilege. Devices can be protected by installing the March 2024 security update. Other components like … Read more