Patch | SC Media Patch

Patch

Intel patches 15 vulnerabilities affecting software, firmware

Intel on Tuesday distributed 11 new security advisories, disclosing 16 total vulnerabilities that affect various software or firmware products. None of the bugs was deemed critical, but there were seven high-level issues, including an escalation of privilege in Linux Administrative Tools for Intel Network Adapters. Carrying a CVSS base score of 8.2 (the highest among…

Adobe releases patches for critical vulnerabilities in Flash, Shockwave and Photoshop

Patch Tuesday: Adobe announces 25 bug fixes, 21 in Acrobat products

On the last Patch Tuesday of 2019, Adobe today released security updates for Acrobat and Acrobat Reader, Photoshop CC, Brackets and ColdFusion, fixing 25 critical and important vulnerabilities in the process. Twenty-one of the flaws were found in various Acrobat and Acrobat Reader products for the Windows and macOS platforms. Of these, 14 are critical,…

VMware advisory warns users to patch critical issue in product

VMware patches five security vulnerabilities

VMware pushed out security updates covering five vulnerabilities that if exploited could lead to information disclosure or a denial of service situation. The important-rated vulnerabilities are CVE-2019-5540, CVE-2019-5541 and CVE-2019-5542 and impact VMware Workstation Pro / Player and VMware Fusion Pro/Fusion. CVE-2019-5541 covers an out-of-bounds write vulnerability in e1000e virtual network adapter that could lead…

Microsoft Patch Tuesday covers 13 critical vulnerabilities

Microsoft today issued updates covering 74 vulnerabilities, 13 critical, as part of its November Patch Tuesday roll out with two flaws, CVE-2019-1429 and CVE-2019-1457, catching the eye of several cybersecurity researchers as particularly important. CVE-2019-1429 is a scripting engine memory corruption vulnerability that has been exploited in the wild as a zero day. When exploited…

A light November Patch Tuesday for Adobe

Adobe’s November Patch Tuesday offering focused on several products not normally covered with its monthly security update, including Illustrator, Media Encoder and Animate. None of the patched vulnerabilities have been spotted in the wild. Illustrator CC 2019’s patch covered three vulnerabilities, CVE-2019-7962, CVE-2019-8247 and CVE-2019-8248 with the first being rated important and the last two…

Patched bug allows beaming of malicious apps to NFC-enabled Android devices

Google last month patched an Android bug that could allow attackers to transfer a malicious application to a nearby NFC-enabled device via the Android Beam feature, bypassing security mechanisms in the process. The vulnerability was discovered in early 2019 by the research team at Nightwatch Cybersecurity, which late last month published a company blog post…

Google patches Chrome flaw used in mysterious WizardOpium exploit attack

Google last Thursday issued an update to its Chrome browser for Windows, Mac and Linux desktop environments, fixing two high-level vulnerabilities, including one that mysterious attackers have been exploiting as a zero day to deliver malware. The two bugs, fixed in version 78.0.3904.87, were identified as CVE-2019-13721, a use-after-free in PDFium, and CVE-2019-13720 a use-after-free…

Untitled Goose Game RCE flaw revealed

The just released video game “Untitled Goose Game” has an unsafe deserialization issue that could allow an attacker to execute malicious code. Pulse Security’s Denis Andzakovic reported that an attacker needs to leverage a victim’s saved game to take advantage of the vulnerability in the game, which was released on Sept. 20, 2019. “Untitled Goose…

Next post in Vulnerabilities