Security
Headlines
HeadlinesLatestCVEs

Headline

Apple Fixed a Serious iOS Security Flaw—Have You Updated Yet?

Plus: Chrome patches another zero-day flaw, Microsoft closes up 100 vulnerabilities, Android gets a significant patch, and more.

Wired
#sql#vulnerability#web#ios#android#mac#windows#apple#google#microsoft#cisco#rce#vmware#nokia#samsung#auth#ibm#zero_day#chrome#webkit

August was a bumper month for security patches, with Apple, Google, and Microsoft among the firms issuing emergency fixes for already exploited vulnerabilities. The month also saw some big fixes arriving from the likes of VMWare, Cisco, IBM, and Zimbra.

Here’s everything you need to know about the important security fixes issued in August.

Apple iOS 15.6.1

After a two-month patch hiatus, followed by multiple fixes in July, Apple released an emergency security update in August with iOS 15.6.1. The iOS update fixed two flaws, both of which were being used by attackers in the wild.

It is thought that the vulnerabilities in WebKit (CVE-2022-32893) and the Kernel (CVE-2022-32894) were being chained together in attacks, with serious consequences. A successful attack could allow an adversary to take control of your iPhone and access your sensitive files and banking details.

Combining the two flaws “typically provides all the functionality needed to mount a device jailbreak,” bypassing almost all Apple-imposed security restrictions, Paul Ducklin, a principal research scientist at Sophos, wrote in a blog analyzing the vulnerabilities. This would potentially allow adversaries to “install background spyware and keep you under comprehensive surveillance,” Ducklin explained.

Apple always avoids giving out details about vulnerabilities until most people have updated, so it’s hard to know who the attack targets were. To ensure you are safe, you should update your devices to iOS 15.6.1 without delay.

Apple also released iPadOS 15.6.1, watchOS 8.7.1, and macOS Monterey 12.5.1, all of which you should update at the next opportunity.

Google Chrome

Google released a security update in August to fix its fifth zero-day flaw this year. In an advisory, Google listed 11 vulnerabilities fixed in August. The patches include a use-after-free flaw in FedCM—tracked as CVE-2022-2852 and rated as critical—as well as six highly rated issues and three classed as having a medium impact. One of the highly rated vulnerabilities has been exploited by attackers, CVE-2022-2856.

Google hasn’t provided any detail about the exploited flaw, but since attackers have gotten ahold of the details, it’s a good idea to update Chrome now.

Earlier in August, Google released Chrome 104, fixing 27 vulnerabilities, seven of which were rated as having a high impact.

Google Android

The August Android security patch was a hefty one, with dozens of fixes for serious vulnerabilities, including a flaw in the framework that could lead to local privilege escalation with no additional privileges needed. Meanwhile, an issue in the media framework could lead to remote information disclosure, and a flaw in the system could lead to remote code execution over Bluetooth. A vulnerability in kernel components could also lead to local escalation of privileges.

The Android security patch was late in August, but it’s now available on such devices as Google’s Pixel range, the Nokia T20, and Samsung Galaxy devices (including the Galaxy S series, Galaxy Note series, Galaxy Fold series, and Galaxy Flip series).

Microsoft

Microsoft’s August Patch Tuesday fixed over 100 security flaws, of which 17 are rated as critical. Among the fixes was a patch for an already exploited flaw tracked as CVE-2022-34713, also known as DogWalk.

The remote code execution (RCE) flaw in the Windows Support Diagnostic Tool (MDST) is rated as having a high impact because exploiting it can result in a system compromise. The vulnerability, which affects all users of Windows and Windows Server, was first exposed over two years ago in January 2020, but Microsoft didn’t consider it a security issue at the time.

VMWare

VMWare fixed a bunch of flaws in August, including a critical authentication bypass bug tracked as CVE-2022-31656. On releasing the patch, the software firm warned that public exploit code is available.

VMWare also fixed an RCE vulnerability in VMware Workspace ONE Access, Identity Manager, and Aria Automation (formerly vRealize Automation), tracked as CVE-2022-31658 with a CVSS score of eight. Meanwhile, a SQL injection RCE vulnerability found in VMware Workspace ONE Access and Identity Manager also got a CVSS score of eight. Both require an attacker to have administrator and network access before they can trigger remote code execution.

Related news

CVE-2023-33653: Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3

Sitecore Experience Platform (XP) v9.3 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /Applications/Content%20Manager/Execute.aspx?cmd=convert&mode=HTML.

CVE-2022-45103: DSA-2022-340: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax vApp, Dell Solutions Enabler vApp, Dell Unisphere 360, Dell VASA Provider vApp, and Dell PowerMax EMB Mgmt Security Update for Mu

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type confusion

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be

CVE-2022-32835: About the security content of watchOS 9

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?

Supply chain attacks were all the rage in 2020 after SolarWinds, but we seem to have forgotten how important they are.

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Tech giant Apple on Monday rolled out updates to remediate a zero-day flaw in iOS and iPadOS that it said has been actively exploited in the wild. The weakness, given the identifier CVE-2022-42827, has been described as an out-of-bounds write issue in the Kernel, which could be abused by a rogue application to execute arbitrary code with the highest privileges. Successful exploitation of

Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB

Hello everyone! Let’s take a look at Microsoft’s September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays (as usual, they were in Microsoft Edge), the final number is 90. Much less than usual. Alternative […]

CVE-2022-32917: About the security content of macOS Big Sur 11.7

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

RHSA-2022:6634: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32893: webkitgtk: processing maliciously crafted web content may lead to arbitrary code execution

Ubuntu Security Notice USN-5611-1

Ubuntu Security Notice 5611-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Important update! iPhones, Macs, and more vulnerable to zero-day bug

Categories: Exploits and vulnerabilities Categories: News Apple has patched an actively-exploited flaw that affects a host of devices and software, including iPhones, Macs, iPads, and iPod touch. (Read more...) The post Important update! iPhones, Macs, and more vulnerable to zero-day bug appeared first on Malwarebytes Labs.

Zero-day puts a dent in Chrome's mojo

Categories: Exploits and vulnerabilities Categories: News The Google Chrome Team recently issued a fix for the CVE-2022-3075 zero-day. (Read more...) The post Zero-day puts a dent in Chrome's mojo appeared first on Malwarebytes Labs.

Google Release Urgent Chrome Update to Patch New Zero-Day Vulnerability

Google on Friday shipped emergency fixes to address a security vulnerability in the Chrome web browser that it said is being actively exploited in the wild. The issue, assigned the identifier CVE-2022-3075, concerns a case of insufficient data validating in Mojo, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process communication (IPC). An

Apple releases security update for iPhones and iPads to address vulnerability

Categories: News Tags: Apple Tags: iOS 12.5.6 Tags: webkit Tags: CVE-2022-32893 Apple has released a security update for iOS 12.5.6 to patch a remotely exploitable WebKit vulnerability that allows attackers to execute arbitrary code on unpatched devices. (Read more...) The post Apple releases security update for iPhones and iPads to address vulnerability appeared first on Malwarebytes Labs.

Apple Security Advisory 2022-08-31-1

Apple Security Advisory 2022-08-31-1 - iOS 12.5.6 addresses code execution and out of bounds write vulnerabilities.

Gentoo Linux Security Advisory 202208-39

Gentoo Linux Security Advisory 202208-39 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.36.7 are affected.

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The issue, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. The tech

Threat Source newsletter (Aug. 25, 2022) — Why aren't Lockdown modes the default setting on phones?

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Russia’s invasion of Ukraine was once the most talked about story in the world. Six months into the conflict, modern attention spans have moved on to other news stories. But Ukraine Independence Day yesterday should serve as a reminder to everyone that the threats to Ukraine have not gone anywhere.  The country still faces a physical conflict with Russia every day that seemingly has no easy end, and the barrage of cyber attacks is suspected to continue.   As discussed in our livestream yesterday, Talos continues to see evolving cybersecurity threats in the region, including the most recent GoMet backdoor. And as Joe Marshall highlighted in his blog post last week, Ukraine’s agriculture industry — which is vital to the global food supply chain — remains vulnerable to kinetic and virtual attacks. Because there’s been no one major cyber attack against Ukraine since Russia’s invasion began, the larg...

Threat Source newsletter (Aug. 25, 2022) — Why aren't Lockdown modes the default setting on phones?

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Russia’s invasion of Ukraine was once the most talked about story in the world. Six months into the conflict, modern attention spans have moved on to other news stories. But Ukraine Independence Day yesterday should serve as a reminder to everyone that the threats to Ukraine have not gone anywhere.  The country still faces a physical conflict with Russia every day that seemingly has no easy end, and the barrage of cyber attacks is suspected to continue.   As discussed in our livestream yesterday, Talos continues to see evolving cybersecurity threats in the region, including the most recent GoMet backdoor. And as Joe Marshall highlighted in his blog post last week, Ukraine’s agriculture industry — which is vital to the global food supply chain — remains vulnerable to kinetic and virtual attacks. Because there’s been no one major cyber attack against Ukraine since Russia’s invasion began, the larg...

CVE-2022-32894: About the security content of iOS 15.6.1 and iPadOS 15.6.1

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

CVE-2022-32894: About the security content of iOS 15.6.1 and iPadOS 15.6.1

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

Hello everyone! In this episode, let’s take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August […]

Gentoo Linux Security Advisory 202208-35

Gentoo Linux Security Advisory 202208-35 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 104.0.5112.101 are affected.

Gentoo Linux Security Advisory 202208-35

Gentoo Linux Security Advisory 202208-35 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 104.0.5112.101 are affected.

CISA wants you to patch these actively exploited vulnerabilities before September 8

Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! (Read more...) The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.

CISA wants you to patch these actively exploited vulnerabilities before September 8

Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! (Read more...) The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.

CISA wants you to patch these actively exploited vulnerabilities before September 8

Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! (Read more...) The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.

CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch

CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch

CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday moved to add a critical SAP security flaw to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The issue in question is CVE-2022-22536, which has received the highest possible risk score of 10.0 on the CVSS vulnerability scoring system and was addressed by SAP as part of its Patch

Patch Now: 2 Apple Zero-Days Exploited in Wild

The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.

Patch Now: 2 Apple Zero-Days Exploited in Wild

The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.

Apple Security Advisory 2022-08-17-1

Apple Security Advisory 2022-08-17-1 - iOS 15.6.1 and iPadOS 15.6.1 addresses code execution and out of bounds write vulnerabilities.

Apple Security Advisory 2022-08-17-1

Apple Security Advisory 2022-08-17-1 - iOS 15.6.1 and iPadOS 15.6.1 addresses code execution and out of bounds write vulnerabilities.

Apple Security Advisory 2022-08-17-2

Apple Security Advisory 2022-08-17-2 - macOS Monterey 12.5.1 addresses code execution and out of bounds write vulnerabilities.

Apple Security Advisory 2022-08-17-2

Apple Security Advisory 2022-08-17-2 - macOS Monterey 12.5.1 addresses code execution and out of bounds write vulnerabilities.

iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. (Read more...) The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. (Read more...) The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An

Google Chrome Zero-Day Found Exploited in the Wild

The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation.

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on

Update Chrome now! Google issues patch for zero day spotted in the wild

Categories: Exploits and vulnerabilities Categories: News Tags: 104.0.5112.101 Tags: Google Tags: Chrome Tags: CVE-2022-2852 Tags: CVE-2022-2856 Tags: CVE-2022-2854 Tags: CVE-2022-2853 Tags: UAF Tags: heap buffer overflow Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. (Read more...) The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.

Update Chrome now! Google issues patch for zero day spotted in the wild

Categories: Exploits and vulnerabilities Categories: News Tags: 104.0.5112.101 Tags: Google Tags: Chrome Tags: CVE-2022-2852 Tags: CVE-2022-2856 Tags: CVE-2022-2854 Tags: CVE-2022-2853 Tags: UAF Tags: heap buffer overflow Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. (Read more...) The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.

Threat Source newsletter (Aug. 11, 2022) — All of the things-as-a-service

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Everyone seems to want to create the next “Netflix” of something. Xbox’s Game Pass is the “Netflix of video games.” Rent the Runway is a “Netflix of fashion” where customers subscribe to a rotation of fancy clothes.  And now threat actors are looking to be the “Netflix of malware.” All categories of malware have some sort of "as-a-service" twist now. Some of the largest ransomware groups in the world operate “as a service,” allowing smaller groups to pay a fee in exchange for using the larger group’s tools.   Our latest report on information-stealers points out that “infostealers as-a-service" are growing in popularity, and our researchers also discovered a new “C2 as-a-service" platform where attackers can pay to have this third-party site act as their command and control. And like Netflix, this Dark Utilities site offers several other layers of tools and malware to choose from. This is a parti...

Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.

Update now! Microsoft fixes two zero-days in August's Patch Tuesday

Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: MSDT Tags: NFS Tags: PPP Tags: Exchange Tags: CVE-2022-34713 Tags: CVE-2022-35743 Tags: DogWalk Tags: CVE-2022-30134 Tags: CVE-2022-24477 Tags: CVE-2022-24516 Tags: CVE-2022-30133 Tags: CVE-2022-34715 Tags: Adobe Tags: Cisco Tags: Google Tags: Android Tags: SAP Tags: VMWare Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft's fixed and a brief look at what other vendors did. (Read more...) The post Update now! Microsoft fixes two zero-days in August's Patch Tuesday appeared first on Malwarebytes Labs.

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a

Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. Of the 121 bugs, 17 are rated Critical, 102 are rated Important, one is rated Moderate, and one is rated Low in severity. Two of the issues

Microsoft Patch Tuesday, August 2022 Edition

Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows. Redmond also addressed multiple flaws in Exchange Server — including one that was disclosed publicly prior to today — and it is urging organizations that use Exchange for email to update as soon as possible and to enable additional protections.

Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Vanja Svajcer. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its line of products and software, the most in a single Patch Tuesday in four months.   This batch of updates also includes a fix for a new vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT) that’s actively being exploited in the wild, according to Microsoft. MSDT was already the target of the so-called “Follina” zero-day vulnerability in June.   In all, August’s Patch Tuesday includes 15 critical vulnerabilities and a single low- and moderate-severity issue. The remainder is classified as “important.”  Two of the important vulnerabilities CVE-2022-35743 and CVE-2022-34713 are remote code execution vulnerabilities in MSDT. However, only CVE-2022-34713 has been exploited in the wild and Microsoft considers it “more likely” to be exploited. Microsoft Exchange Server contains two critical elevation of privilege vulnerabilities, CVE-2...

Microsoft Patches Zero-Day Actively Exploited in the Wild

The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.

CVE-2022-34713

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35743.

CVE-2022-31658: VMSA-2022-0021

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

CVE-2022-31658: VMSA-2022-0021

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

Time to Patch VMware Products Against a Critical New Vulnerability

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

VMWare Urges Users to Patch Critical Authentication Bypass Bug

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.

VMWare Urges Users to Patch Critical Authentication Bypass Bug

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.

Update now! VMWare patches critical vulnerabilities in several products

In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products. The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

Update now! VMWare patches critical vulnerabilities in several products

In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products. The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

Update now! VMWare patches critical vulnerabilities in several products

Categories: Exploits and vulnerabilities Tags: CVSS Tags: rce Tags: vmware In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products. (Read more...) The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

Update now! VMWare patches critical vulnerabilities in several products

Categories: Exploits and vulnerabilities Tags: CVSS Tags: rce Tags: vmware In a critical security advisory VMWare patches multiple RCE and EoP vulnerabilities in several affected products. (Read more...) The post Update now! VMWare patches critical vulnerabilities in several products appeared first on Malwarebytes Labs.

VMware Releases Patches for Several New Flaws Affecting Multiple Products

Virtualization services provider VMware on Tuesday shipped updates to address 10 security flaws affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions. The issues tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8) affect the VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager

VMware Releases Patches for Several New Flaws Affecting Multiple Products

Virtualization services provider VMware on Tuesday shipped updates to address 10 security flaws affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions. The issues tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8) affect the VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager

Wired: Latest News

Mystery Drone Sightings Lead to FAA Ban Despite No Detected Threats