Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others

Aftermath of MOVEit vulnerability: Data vigilante ‘Nam3L3ss’ leaks nearly 8 million employee records from industry giants like Amazon,…

HackRead
#vulnerability#web#google#microsoft#amazon#git#intel#aws#lenovo#nokia#mongo
Citrix Issues Patches for Zero-Day Recording Manager Bugs

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

Red Hat Security Advisory 2024-9092-03

Red Hat Security Advisory 2024-9092-03 - An update for freerdp is now available for Red Hat Enterprise Linux 9. Issues addressed include heap overflow, integer overflow, and out of bounds read vulnerabilities.

Citrix 'Recording Manager' Zero-Day Bug Allows Unauthenticated RCE

The security vulnerability is due to an exposed Microsoft Message Queuing (MSMQ) instance and the use of the insecure BinaryFormatter.

The Power of the Purse: How to Ensure Security by Design

CISA should make its recommended goals mandatory and perform audits to ensure compliance.

The WIRED Guide to Protecting Yourself From Government Surveillance

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it.

CVE-2024-49002: SQL Server Native Client Remote Code Execution Vulnerability

**I am running SQL Server on my system. What action do I need to take?** Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates. **I am running my own application on my system. What action do I need to take?** Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability. **I am running an application from a software vendor on my system. What action do I need to take?** Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability **There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?** * First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Micr...

CVE-2024-49001: SQL Server Native Client Remote Code Execution Vulnerability

**I am running SQL Server on my system. What action do I need to take?** Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates. **I am running my own application on my system. What action do I need to take?** Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability. **I am running an application from a software vendor on my system. What action do I need to take?** Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability **There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?** * First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Micr...

CVE-2024-49004: SQL Server Native Client Remote Code Execution Vulnerability

**I am running SQL Server on my system. What action do I need to take?** Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates. **I am running my own application on my system. What action do I need to take?** Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability. **I am running an application from a software vendor on my system. What action do I need to take?** Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability **There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?** * First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Micr...

CVE-2024-49003: SQL Server Native Client Remote Code Execution Vulnerability

**I am running SQL Server on my system. What action do I need to take?** Update your relevant version of SQL Server. Any applicable driver fixes are included in those updates. **I am running my own application on my system. What action do I need to take?** Update your application to use Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed on this page, which provide protection against this vulnerability. **I am running an application from a software vendor on my system. What action do I need to take?** Consult with your application vendor if it is compatible with Microsoft OLE DB Driver 18 or 19. Update the drivers to the versions listed in this page, which provide protection against this vulnerability **There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?** * First, determine your SQL Server version number. For more information on determining your SQL Server version number, see Micr...