June 11, 2024 at 08:33PM Microsoft’s June Patch Tuesday addressed 49 CVE-tagged security flaws, including a critical bug in wireless networking and a publicly disclosed DNS vulnerability (CVE-2023-50868). It also included an RCE issue in Microsoft Message Queuing (CVE-2024-30080) and a Wi-Fi driver remote code execution hole (CVE-2024-30078). Adobe, SAP, PHP, Arm, Apple, Google, SolarWinds, … Read more
June 11, 2024 at 07:13PM The critical CVE-2024-30080 is the highlight of Microsoft’s June 2024 Patch Tuesday update, but several other issues also need immediate attention. Based on the meeting notes, the key takeaway would be that CVE-2024-30080 is the critical issue in Microsoft’s June 2024 Patch Tuesday update, but there are also many other … Read more
June 11, 2024 at 05:36PM Microsoft has issued urgent patches for critical vulnerabilities in its Windows operating system. The most severe flaw, CVE-2024-30080, allows for remote code execution in the Microsoft Message Queuing component. Additionally, there are numerous code execution issues in Microsoft Office, Windows services, and a remote code execution vulnerability in Windows WiFi … Read more
June 11, 2024 at 03:32PM Microsoft released Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 updates as part of June 2024 Patch Tuesday, fixing 51 vulnerabilities. The latter resolves LSASS process crashes and memory leaks, with no known issues, while the former fixes additional bugs including SMB over QUIC issues and Outlook search problems, … Read more
June 11, 2024 at 02:36PM Adobe has released fixes for critical vulnerabilities, addressing the risk of code execution attacks on Windows and macOS platforms. The vulnerabilities were identified in After Effects and Illustrator. This highlights the importance of applying patches promptly to mitigate potential security threats. Upon review of the meeting notes, it appears that … Read more
June 11, 2024 at 02:08PM Microsoft released the KB5039212 cumulative update for Windows 11 version 23H3 as part of June 2024 Patch Tuesday. It includes 37 improvements, such as enhanced drag-and-drop support in File Explorer. The update is mandatory for security reasons and can be manually downloaded or installed via Windows Update. Notably, new features … Read more
May 29, 2024 at 05:35PM Microsoft has released the optional KB5037849 Preview cumulative update for Windows 10 22H2, primarily a maintenance release with nine fixes or changes. It includes two new enterprise features, improved Chinese fonts and input, but does not include security updates. The update can be installed via Settings > Windows Update or … Read more
May 17, 2024 at 08:09AM Seven Windows privilege escalation vulnerabilities discovered at Pwn2Own 2024 remain unpatched by Microsoft, with only one fix issued so far. Trend Micro’s Zero Day Initiative, which oversees Pwn2Own, notes the potential threat these bugs pose. Microsoft’s lag in resolving these issues contrasts with prompt actions by other tech companies, prompting … Read more
May 15, 2024 at 11:21AM Intel released 41 security advisories addressing over 90 vulnerabilities in its products. Critical vulnerability CVE-2024-22476 was found in Neural Compressor, allowing unauthenticated remote attackers to escalate privileges. High-severity flaws were also found in UEFI firmware, graphics, and network products. Additionally, there were medium-severity vulnerabilities in various hardware and software products. … Read more
May 15, 2024 at 06:36AM Major industrial control systems providers, including Siemens, Rockwell Automation, Mitsubishi Electric, and Johnson Controls, have issued Patch Tuesday advisories addressing vulnerabilities in their products. Siemens has published 15 advisories, addressing critical vulnerabilities in various products, while Rockwell Automation and Mitsubishi Electric also reported high-severity vulnerabilities. CISA has informed organizations about … Read more