Firefox 115 is out, says farewell to older Windows and Mac users
No zero-days this month, so you’re patching to stay ahead, not merely to catch up!
patch
WordPress plugin lets users become admins – Patch early, patch often!
Ultimate Member plugin lets rogue users choose their own site capabilities, including becoming admins.
Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!
Apple didn’t use the words “Triangulation Trojan”, but you probably will.
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation…
ASUS warns router customers: Patch now, or block all inbound requests
“Do as we say, not as we do!” – The patches took ages to come out, but don’t let that lure you into taking ages to install them.
Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324)
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.” Akamai’s research team and Ben Barnea, the researcher who’s cred…
Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)
A recently patched vulnerability (CVE-2023-21932) in Oracle Opera, a property management system widely used in large hotel and resort chains, is more critical than Oracle says it is and could be easily exploited by unauthenticated remote attackers to a…
Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused
Just when we’d got used to three-numbered versions, such as “13.3.1”, here comes an update suffix, bringing you “13.3.1 (a)”…
Double zero-day in Chrome and Edge – check your versions now!
Wouldn’t it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customer to implement the fix as soon as possible. About CVE-2023-27532 The nature of CVE-2023-27532 has…