This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589, ) that is already being used in malicious attacks.
Read More This month’s Microsoft Patch Tuesday includes important updates that patch two zero-day vulnerabilities that are already being actively exploited.
Read More This month’s Patch Tuesday entry patched a number of critical vulnerabilities from Microsoft and Adobe, including a DNS-related vulnerability, CVE-2018-8225 and a critical Flash Player vulnerability, CVE-2018-5002.
Read More Microsoft has rolled out its Patch Tuesday for April to address security issues in Internet Explorer (IE), Edge, ChakraCore, Visual Studio, Microsoft Office and Office Services and Web Apps, and Malware Protection Engine. Of the 67 listed vulnerabilities, 24 were rated critical. Eight of these were disclosed through Trend Micro’s ZDI program.
Read MoreOn March 10, Adobe has released an emergency out-of-band update to fix a zero-day vulnerability that was being used in targeted attacks. The vulnerability was designated as CVE-2016-1010. To analyze this vulnerability, I examined an earlier version of the Flash Player (Flash32_19_0_0_185.ocx file on Windows 7) to find the root cause of the vulnerability.
Read More