[ad_1] The flaws exist in the Windows Adobe Type Manager Library, which allows apps to manage and render fonts available from Adobe Systems. Attackers may exploit the vulnerabilities by getting their targets to open booby-trapped documents or view them in the Windows preview pane. Microsoft is still working to fix the vulnerabilities. The earliest it […]
Category: vulnerability
Microsoft issues emergency Windows 10 patch for leaked vulnerability
[ad_1] The security hole exists in Microsoft’s Server Message block (SMB) protocol on recent 32- and 64-bit versions of Windows 10 both on the client and server sides. Researchers from Microsoft and elsewhere labeled it critical because the compromise of a single machine could compromise others on the same network. Microsoft said that there’s no […]
AMD CPUs for the past 9 years are vulnerable to data leak attacks
[ad_1] Unlike some side channel attacks, it hasn’t taken long to show how these exploits would work in the real world. The team took advantage of the flaws using JavaScript in common browsers like Chrome and Firefox, not to mention virtual machines in the cloud. While Take A Way only dribbles out a small amount […]
Researchers discover that Intel chips have an unfixable security flaw
[ad_1] The vulnerability is another in a string of Intel chip flaws that have damaged the chipmaker’s reputation of late. In 2018, Intel faced heavy criticism over the Meltdown and Spectre flaws in Intel chips that could have allowed attackers to steal data. CSME, which has its own 486-based CPU, RAM and boot ROM, is […]
It took Google months to patch a serious Android security flaw
[ad_1] Google noted the patch (CVE-2020-0069) in its March Android security bulletin. While this is the first public disclosure, details about the exploit have been online for months. The vulnerability is still exploitable on dozens of device models, and hackers are actively using it. Worse, in all likelihood, many devices will never get the patch […]
Android security flaw lets attackers send malware over Bluetooth
[ad_1] BlueFrag doesn’t work with Android 10. It’s possible that versions before Android 8 are affected, but the team hadn’t “evaluated the impact” on older releases. You can protect yourself by installing the February 2020 security patch, and the Bluetooth nature of the flaw means that you’ll have to be relatively close to an attacker. […]
WhatsApp desktop security flaw gave intruders remote access to files
[ad_1] Facebook built WhatsApp on an Electron framework that makes it easier to deliver multi-platform apps based on web technology. As Ars Technica explained, though, Electron isn’t secure if an app is based on an outdated web engine. The flaws affect WhatsApp’s desktop software from version 0.3.9309 and earlier, as well as people who paired […]
Intel is patching its Zombieload CPU security flaw for the third time
[ad_1] Compared to the MDS flaws Intel addressed in those two previous patches, these latest ones have a couple of limitations. To start, one of the vulnerabilities, L1DES, doesn’t work on Intel’s more recent chips. Moreover, a hacker can’t execute the attack using a web browser. Intel also says it’s “not aware” of anyone taking […]
Microsoft will fix an Internet Explorer security flaw under active attack
[ad_1] The issue is significant enough that Homeland Security issued an advisory encouraging people to both be aware of the flaw and consider implementing workarounds, including temporarily restricting access to jscript.dll. Unlike the Firefox bug, though, you’ll have to wait a while for a patch. Microsoft said it wasn’t likely to provide its fix until […]
Homeland Security wants you to update your Firefox browser right now
[ad_1] Mozilla is “aware of targeted attacks in the wild abusing this flaw.” In a statement provided to Engadget, a Mozilla spokesperson said, “on Tuesday, January 7, 2020, Chinese security firm Qihoo 360 reported a vulnerability that was used as part of targeted attacks on a local network. We started shipping Firefox updates to address […]