Apple released security updates for its cellphones, set top box and Window's iCloud platform shortly after rolling out another patch for the KRACK exploits.
Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.
Microsoft's December Patch Tuesday release contained 34 vulnerabilities with 22 of these being rated critical and affecting the company's browser products.
Adobe had a minimal Patch Tuesday offering for December listing just one vulnerability for Flash Player.
The vulnerability impacts numerous Microsoft security offerings, including multiple versions of Microsoft Exchange, ForcePoint End Point Protector and Defender.
The Mozilla Foundation has fixed two security issue, one rated critical, in Firefox 57.0.2 and Firefox ESR 52.5.2.
Apple released security updates to patch vulnerabilities in its iOS, mac OS, tvOS and watchOS platforms.
Google issued patches for 37 security issues in Chrome, with one being rated critical and six considered high risks, with the release of Chrome 63.0.3239.84.
Checkpoint researchers discovered several vulnerabilities in Android application developer tools that could put any developer.
Mozilla released a security update to address critical vulnerabilities in Firefox 57 which could allow a remote attacker to take control of an affected system.
Google's December Nexus/Pixel security release contained 48 issues, but with only one vulnerability being rated critical and five high, but three could result in a denial of service (DoS) situation if exploited.
Bindecy security researchers identified a flaw in the original patch code of the Dirty Cow vulnerability which could ultimately lead to a privilege escalation attack.
The company plans to push the update out to users.
When Facebook debuted a new polling feature earlier this month, it also introduced a vulnerability that could have allowed a malicious actor to delete any photo saved to the social media site.
Online retailer AliExpress fixed a vulnerability in its online shopping portal last October after researchers discovered a way to inject a fake coupon designed to phish sensitive information from those who receive it.
Positive Technologies researchers identified elevation of privilege exploits in various Intel product families which could enable a system crash or system instability, among other issues.
Oracle Corporation issued an emergency patch on Tuesday, fixing critical vulnerabilities affecting the Jolt server within Oracle Tuxedo that could be exploited over a network with no valid username or password credentials.
Microsoft's November Patch Tuesday rollout included patches 53 flaws, 20 rated critical, spread across a variety of products, including Edge, Internet Explorer, Windows and Office.
Adobe's November Patch Tuesday offering included 83 patches, including fixes for five critical-rated issues in Flash Player. Reader and Acrobat, by themselves, generated more than five dozen CVEs.
Game developer Bluehole, Inc. issued a hotfix for its popular title TERA this weekend, following the circulation of a report revealing that the MMORPG's HTML-based chat function could be abused to spread malware.
With APT28 now using Microsoft's Dynamic Data Exchange (DDE) as an attack point, the company has issued an official advisory concerning the practice, along with possible mitigation methods.
The Tor Project released a patch fixing an issue that could reveal the correct IP address of MacOS and Linux users accessing the Tor browser.
Cisco Systems on Wednesday issued patches for 16 different product vulnerabilities, half of which are considered high impact in nature.
A Disney-branded internet filter underwent automatic patching after researchers discovered multiple vulnerabilities that could have exposed users to cyberattacks, researchers from Talos have reported.
WordPress has issued a new update, version 4.8.3, that researchers and the organization itself said could lead to a SQL injection and strongly recommend users update to the latest version.
A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports.
Oracle has issued a security alert advisory for a critical vulnerability discovered in its Oracle Identity Manager that can result in total compromise of the software suite via an unauthenticated network attack. A fix is now available.
APT28 is now also being named as one of the cyber gangs attempting to take advantage of Adobe Flash vulnerability CVE-2017-11292.
Cisco on Wednesday issued a security update to repair a critical unauthorized access vulnerability in its Cloud Services Platform (CSP) 2100.