Month: July 2024
Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component…
Read MoreAdobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply necessary updates: Security Updates Available for Adobe Premiere Pro | APSB24-46 Security Update…
Read More
Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. Many networked devices (including switches, routers, and other routing infrastructure) on enterprise and telecommunication networks use the authentication and authorization RADIUS (Remote Authentication Dial-In User Service) protocol, sometimes tens of thousands of…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-077 DATE(S) ISSUED: 07/09/2024 OVERVIEW: A vulnerability has been discovered in OpenSSH that could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments for remote server management,…
Read More
The 138 new CVEs (Common Vulnerabilities and Exposures) is ‘just shy of the record’ for Microsoft’s monthly release of security fixes, writes Trend Micro’s Dustin Childs. Microsoft made fixes available Tuesday for five critical vulnerabilities as part of its July patch release — while disclosing fixes for a near-record number of new CVEs (Common Vulnerabilities…
Read More
Fujitsu confirms that information related to some individuals and customers’ business has been compromised during the data breach detected earlier this year. The Japanese tech giant states that the attack did not involve ransomware but relied on a sophisticated mechanism to evade detection while exfiltrating the details. In March, the company discovered that several of…
Read More
5Critical 132Important 1Moderate 0Low Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild. Microsoft released 138 CVEs in July 2024 Patch Tuesday release, with five rated critical, 132 rated important and one rated moderate. Our counts omitted…
Read More
Microsoft has released the KB5040427 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 13 changes, including Microsoft Copilot now behaving like an app, providing more flexibility on how it is displayed. The Windows 10 KB5040427 update is mandatory as it contains Microsoft’s July 2024 Patch Tuesday security updates, which fix 142 vulnerabilities. Windows users can…
Read More
In episode six of The AI Fix, our hosts discover an unusual place to put a traffic cone, Mark learns why Americans should pretend to be from Brazil, and Graham discovers a way to make any situation much, much worse. Graham inflicts his terrible Australian accent on Mark while explaining bot-on-bot crime, and Mark tells…
Read More
Tag CVE ID CVE Title Severity .NET and Visual Studio CVE-2024-30105 .NET Core and Visual Studio Denial of Service Vulnerability Important .NET and Visual Studio CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Important .NET and Visual Studio CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability Important .NET and Visual Studio…
Read More