#microsoft

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Our researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.

DMARC adoption is more important than ever following Google's and Yahoo's latest mandates for large email senders. This Tech Tip outlines what needs to be done to enable DMARC on your domain.

Weaponizing Microsoft's own services for command-and-control is simple and costless, and it helps attackers better avoid detection.

A recent campaign targeting Middle Eastern government organizations plays standard detection tools like a fiddle. With cyberattackers getting more creative, defenders must start keeping pace.

The Biden administration is asking tech companies to sign a pledge, obtained by WIRED, to improve their digital security, including reduced default password use and improved vulnerability disclosures.

Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

There is yet another attack possible against Protected Media Path process beyond the one involving two global XOR keys. The new attack may also result in the extraction of a plaintext content key value.

Architecting, deploying, and managing hybrid cloud environments can be a challenging and time-consuming process. It starts with processor selection, operating system configuration, application management, and workload protection, and it never ends. Every step requires a reliable, trusted software foundation with a comprehensive set of features and capabilities to fuel optimal performance, greater consistency, and enhanced security capabilities for your environment. With new features in Red Hat Enterprise Linux 9.4 (RHEL), you can speed-up and simplify many infrastructure life cycle operations