Microsoft’s September Patch Tuesday covered 80 CVEs, 17 of which were rated critical, and included patches for Azure DevOps Server, Chakra Scripting engine, and Microsoft SharePoint. Sixty-two were labeled as important and included patches for Microsoft Excel, Microsoft Edge, and Microsoft Exchange. Only one was rated as moderate.
Read More
We found a new wormable malware we’ve named BlackSquid targeting web servers, network and removable drives using evasion, anti-virtualization, anti-debugging, and anti-sandboxing techniques to drop a Monero miner.
Read More
On September 18, 2018, more than a month after we published a blog revealing the details of a use-after-free (UAF) vulnerability CVE-2018-8373 that affects the VBScript engine in newer Windows versions, we spotted another exploit that uses the same vulnerability. It’s important to note that this exploit doesn’t work on systems with updated Internet Explorer versions.
Read More This month’s Microsoft Patch Tuesday includes important updates that patch two zero-day vulnerabilities that are already being actively exploited.
Read MoreThis month’s Patch Tuesday features 12 updates, with five rated as “critical” and seven as “important.” Included in the critical updates are cumulative updates for both Internet Explorer (MS15-094) and Microsoft Edge (MS15-095). These updates address bugs that could allow remote code execution if the user visits a specially crafted webpage using either browser. Adobe…
Read More