Exploits and vulnerabilities – Page 23 – Computer Security Articles

MalwareBytes Security

Update now! VMWare patches critical vulnerabilities in several products

August 3, 2022 admin cve-2022-31656, cve-2022-31658, cve-2022-31659, cve-2022-31660, cve-2022-31661, cve-2022-31664, cve-2022-31665, cvss, Exploits and vulnerabilities, identity manager, jdbc, one access, RCE, vmsa-2022-0021, VMware, vmware workspace, vrealize automation

Credit to Author: Pieter Arntz| Date: Wed, 03 Aug 2022 13:27:47 +0000

In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products.

The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

MalwareBytes Security

Millions of Arris routers are vulnerable to path traversal attacks

August 1, 2022 admin arris, cve-2022-26992, cve-2022-31793, derek abdine, Exploits and vulnerabilities, muhttpd, path traversal, remote administration

Credit to Author: Pieter Arntz| Date: Mon, 01 Aug 2022 17:31:40 +0000

A researcher has found a serious vulnerability in the muhttpd webserver that is used in millions of routers and modems. A patch is available but ISPs are often slow to push out firmware updates.

The post Millions of Arris routers are vulnerable to path traversal attacks appeared first on Malwarebytes Labs.

MalwareBytes Security

IIS extensions are on the rise as backdoors to servers

July 27, 2022 admin backdoor, cryptomining, Exploits and vulnerabilities, extensions, iis, modules, proxylogon, proxyshell, reports, Server, wdigest

Credit to Author: Pieter Arntz| Date: Wed, 27 Jul 2022 13:58:06 +0000

The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers.

The post IIS extensions are on the rise as backdoors to servers appeared first on Malwarebytes Labs.

MalwareBytes Security

SonicWall urges customers to patch critical SQL injection bug ASAP

July 26, 2022 admin cve-2022-22280, Exploits and vulnerabilities, global management system, gms, open web application security project, OWASP, SonicWall, sonicwall psirt, sqli, WAF, web application firewal

Credit to Author: Malwarebytes Labs| Date: Tue, 26 Jul 2022 15:57:20 +0000

SonicWall GMS and Analytics are vulnerable to an SQL injection bug, tracked as CVE-2022-22280.

The post SonicWall urges customers to patch critical SQL injection bug ASAP appeared first on Malwarebytes Labs.

MalwareBytes Security

Update Google Chrome now! New version includes 11 important security patches

July 25, 2022 admin chrome, cve-2022-2477, cve-2022-2479, cve-2022-2480, cve-2022-2481, cve-20222478, Exploits and vulnerabilities, google, Use After Free

Credit to Author: Pieter Arntz| Date: Mon, 25 Jul 2022 11:39:51 +0000

Google has issued an update for the Chrome browser that includes 11 security fixes, including 5 with a high severity

The post Update Google Chrome now! New version includes 11 important security patches appeared first on Malwarebytes Labs.

MalwareBytes Security

Vulnerabilities in GPS tracker could have “life-threatening” implications

July 21, 2022 admin cve-2022-2107, cve-2022-2141, cve-2022-21999, cve-2022-33944, cve-2022-34150, Exploits and vulnerabilities, GPS, micodus, mv720, reports, tracker

Credit to Author: Pieter Arntz| Date: Thu, 21 Jul 2022 09:57:08 +0000

Researchers have discovered six vulnerabilities in the MiCODUS MV720 GPS tracker, a popular automotive tracking device.

The post Vulnerabilities in GPS tracker could have “life-threatening” implications appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now—July Patch Tuesday patches include fix for exploited zero-day

July 13, 2022 admin adobe, azure site recovery, Cisco, Citrix, csrss, cve-2022-22029, cve-2022-22038, cve-2022-22039, cve-2022-22047, cve-2022-30221, Exploits and vulnerabilities, google android, Patch Tuesday, SAP, SQL Injection, VMware

Credit to Author: Pieter Arntz| Date: Wed, 13 Jul 2022 12:21:53 +0000

July’s Patch Tuesday gives us a lot of important security updates. Most prominently, a known to be exploited vulnerability in Windows CSRSS.

The post Update now—July Patch Tuesday patches include fix for exploited zero-day appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Chrome patches ANOTHER zero-day vulnerability

July 5, 2022 admin cve-2022-2294, Exploits and vulnerabilities, heap buffer overflow, WebRTC, Zero-Day

Credit to Author: Pieter Arntz| Date: Tue, 05 Jul 2022 13:56:04 +0000

Google has patched a vulnerability in Chrome which was being exploited in the wild. Make sure you’re using the latest version.

The post Update now! Chrome patches ANOTHER zero-day vulnerability appeared first on Malwarebytes Labs.