Time to Patch – Page 5 – PossibleThreat Articles

Microsoft Patch Tuesday, April 2022 Edition

April 13, 2022 0 Comments Latest Warnings, security tools, Time to Patch

Credit to Author: BrianKrebs| Date: Wed, 13 Apr 2022 15:01:24 +0000

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA).

Independent Krebs Security

Microsoft Patch Tuesday, March 2022 Edition

March 9, 2022 0 Comments cve-2022-21967, cve-2022-21990, cve-2022-23277, cve-2022-23285, cve-2022-24459, cve-2022-24503, cve-2022-24508, cve-2022-24512, dustin childs, greg wiseman, immersive labs, kevin breen, microsoft exchange server, microsoft patch tuesday march 2022, rapid7, remote desktop, Time to Patch, trend micro zero day initiative, windows smbv3

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.

Independent Krebs Security

Microsoft Patch Tuesday, February 2022 Edition

February 8, 2022 0 Comments allan liska, andrew cunningham, ars technica, cve-2022-21989, cve-2022-21996, cve-2022-22005, greg wiseman, immersive labs, kevin breen, print spooler, rapid7, recorded future, Time to Patch, win32k

Credit to Author: BrianKrebs| Date: Tue, 08 Feb 2022 22:38:16 +0000

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.

Independent Krebs Security

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

February 2, 2022 0 Comments cve-2021-22947, cve-2021-36976, cve-2022-21846, cve-2022-21907, dustin childs, exchange server, http protocol stack, Latest Warnings, microsoft patch tuesday january 2022, National Security Agency, rapid7, satnam narang, tenable, The Coming Storm, Time to Patch, trend micro, zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.

Independent Krebs Security

Microsoft Patch Tuesday, March 2020 Edition

March 17, 2020 0 Comments animesh jain, application inspector, cve-2020-0688, cve-2020-0852, cve-2020-0872, Qualys, recorded future, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 10 Mar 2020 23:44:29 +0000

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.

Independent Krebs Security

Zyxel 0day Affects its Firewall Products, Too

February 26, 2020 0 Comments 0day, alex holden, Latest Warnings, Time to Patch, zero day, zyxel

Credit to Author: BrianKrebs| Date: Wed, 26 Feb 2020 14:43:31 +0000

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.

Independent Krebs Security

Zyxel Fixes 0day in Network Storage Devices

February 24, 2020 0 Comments 0day, 500mhz, alex holden, cert coordination center, cert/cc, cve-2020-9054, dhs, emotet, Hold Security, Latest Warnings, Ransomware, The Coming Storm, Time to Patch, zero day, zyxel communications corp.

Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Independent Krebs Security

Microsoft Patch Tuesday, February 2020 Edition

February 11, 2020 0 Comments alan liska, cve-2019-1280, cve-2020-0618, cve-2020-0674, cve-2020-0688, jimmy graham, microsoft patch tuesday february 2020, Qualys, recorded future, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 11 Feb 2020 23:13:57 +0000

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.

Independent Krebs Security

Apple Addresses iPhone 11 Location Privacy Concern

January 22, 2020 0 Comments A Little Sunshine, Apple, brandon butch, iphone 11, Time to Patch, ultra wideband

Credit to Author: BrianKrebs| Date: Wed, 22 Jan 2020 23:14:48 +0000

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month.

Independent Krebs Security

Patch Tuesday, January 2020 Edition

January 14, 2020 0 Comments cve-2020-0601, johns hopkins university, kenneth white, matthew green, MongoDB, Qualys, Time to Patch, Windows 10

Credit to Author: BrianKrebs| Date: Wed, 15 Jan 2020 02:31:50 +0000

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Windows 7, a still broadly-used operating system that will no longer be supplied with security updates.