September 24, 2024 at 04:12PM CrowdStrike has overhauled its testing and update processes to avoid a recurrence of the disruptive July outage on Windows systems. Vice President Adam Meyers outlined new protocols, such as controlled software rollouts, improved code validation, and expanded testing to cover various scenarios. The changes aim to prevent similar system failures … Read more
September 18, 2024 at 01:28PM Microsoft accidentally revealed that Windows 11 24H2 is scheduled for a September 24 release as an optional preview update and will be included in the mandatory October Patch Tuesday updates. Based on the meeting notes, it seems that Microsoft may have inadvertently revealed that Windows 11 24H2 (Windows 11 2024 … Read more
September 4, 2024 at 08:31AM Zyxel has released software updates to address a critical security flaw (CVE-2024-7261) affecting some access points and security routers, along with updates for seven other vulnerabilities. The flaws could result in unauthorized command execution, denial-of-service, or access to browser-based information. D-Link has announced that certain security vulnerabilities will not be … Read more
July 18, 2024 at 07:45AM Cisco announced software updates for around a dozen vulnerabilities, which included critical-severity bugs in Secure Email Gateway and Smart Software Manager On-Prem. The flaws could allow an attacker to execute arbitrary code, initiate denial-of-service conditions, or access the web UI with compromised user privileges. Cisco also addressed high-severity vulnerabilities in … Read more
April 26, 2024 at 01:46AM Many Chinese keyboard apps, including those from major handset manufacturers, have been found to be leaking keystrokes, leaving potentially three quarters of a billion people at risk. These apps use input method editor (IME) software, such as the Pinyin scheme, which uploads keystrokes to the cloud for processing. Vulnerabilities have … Read more
April 9, 2024 at 04:58PM Researchers at Bitdefender have identified four vulnerabilities in LG webOS, affecting various smart TV models and exposing around 91,000 devices. These bugs include command injection, privilege escalation, and bypass vulnerabilities, tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320. LG released security updates after being alerted in November 2023. Users should check … Read more
February 20, 2024 at 06:27AM ConnectWise released software updates to fix critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could enable remote code execution and impact confidential data or critical systems. Users of affected versions are urged to update to version 23.9.8 to mitigate the risk of exploitation. Key Takeaways … Read more
February 6, 2024 at 07:36AM Google announced patches for 46 Android vulnerabilities, including a critical bug (CVE-2024-0031) in the System component, enabling remote code execution. The 2024-02-01 security patch level fixed this flaw and 14 other high-severity defects. A subsequent update on 2024-02-05 addressed 31 high-severity issues in various components. Google also patched seven Pixel … Read more
January 11, 2024 at 04:01AM Cisco has issued software updates to address a critical security flaw (CVE-2024-20272 – CVSS score: 7.3) in Unity Connection, allowing arbitrary file upload and execution of commands. Users are advised to update to patched versions to mitigate potential threats. Additionally, 11 medium-severity vulnerabilities have been resolved across Cisco software. Cisco … Read more
November 17, 2023 at 05:08PM VicOne and Block Harbor have unveiled an integrated workflow-based system for the automotive industry that provides cybersecurity intelligence. The system improves the efficiency of software updates in vehicles and manages growing cybersecurity threats. It allows automakers to quickly assess risks and take appropriate actions. The solution also enables testing of … Read more