Microsoft Releases May 2024 Patch Tuesday Security Updates

Microsoft has released its May 2024 Patch Tuesday security updates to fix 60 vulnerabilities across its products, including two vulnerabilities that were detected being exploited in the wild. Tracked as CVE-2024-30051, the first exploited vulnerability is in the Windows DWM Core Library and could allow an adversary to gain SYSTEM-level privileges. Additionally, based on the continue reading : Microsoft Releases May 2024 Patch Tuesday Security Updates

Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2024-4671)

Google has released Chrome Version 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux to address a zero-day vulnerability tracked as CVE-2024-4671. Based on the official site for Chrome updates, “Google is aware that an exploit for CVE-2024-4671 exists in the wild”. _____________________________ A. Nature of the Vulnerability CVE-2024-4671 Use after free in Visuals in continue reading : Actively Exploited Zero-Day Vulnerability in Google Chrome (CVE-2024-4671)

Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. A. Nature of the Vulnerabilities CVE-2024-26304 (CVSS score: 9.8) – Unauthenticated Buffer Overflow Vulnerability in the L2/L3 Management Service Accessed via the PAPI Protocol CVE-2024-26305 (CVSS score: 9.8) continue reading : Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

Critical Vulnerability in Palo Alto Global Protect (CVE-2024-3400)

Palo Alto Networks has released a security advisory related to critical vulnerability with a CVSS score of 10, currently exploited in the wild in a limited number of attacks. Tracked as CVE-2024-3400, this vulnerability, which is within the GlobalProtect feature of Palo Alto Networks PAN-OS, could allow malicious actors to execute arbitrary code with root continue reading : Critical Vulnerability in Palo Alto Global Protect (CVE-2024-3400)

Microsoft Releases April 2024 Patch Tuesday Security Updates

Microsoft has released its April 2024 Patch Tuesday security updates to fix 149 vulnerabilities across its products, including one vulnerability that Microsoft detected being exploited in the wild. Additionally, it’s worth noting the critical vulnerabilities tracked as CVE-2024-21322, CVE-2024-21323, and CVE-2024-29053, which are also included in the patch notes for the month of April. _____________________________ continue reading : Microsoft Releases April 2024 Patch Tuesday Security Updates