Tag: update
-
Patchday: Microsoft Office Updates (8. April 2025)
by
in SecurityNewsAm 8. April2025 (zweiter Dienstag im Monat, Microsoft Patchday) hat Microsoft mehrere sicherheitsrelevante Updates für Microsoft Office 2016, sowie die C2R-Varianten (Office 2016-2021 und 365) und andere Produkte veröffentlicht. Nachfolgend finden Sie eine Übersicht über die verfügbaren Updates. Eine Übersicht … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/10/patchday-microsoft-office-updates-8-april-2025/
-
April’s Patch Tuesday leaves unlucky Windows Hello users unable to login
by
in SecurityNewsCan’t Redmond ask its whizz-bang Copilot AI to fix it? First seen on theregister.com Jump to article: www.theregister.com/2025/04/09/microsoft_hello_patch/
-
Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day
by
in SecurityNewsOne CVE was used against “a small number of targets.” Windows 10 users needed to wait a little bit for their patches. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-april-2025/
-
Flaws in Google Quick Share for Windows addressed via patch
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/flaws-in-google-quick-share-for-windows-addressed-via-patch
-
Microsoft’s April 2025 bumper Patch Tuesday corrects 124 bugs
by
in SecurityNewsMicrosoft is correcting 124 vulnerabilities in its March Patch Tuesday, one of which is being actively exploited in the wild, and 11 of which are ‘critical’ First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622332/Microsofts-April-2025-bumper-Patch-Tuesday-corrects-124-bugs
-
Windows 11 April update unexpectedly creates new ‘inetpub’ folder
Microsoft’s April 2025 Patch Tuesday updates are strangely creating an empty “inetpub” folder in the root of the C:\ drive, even on systems that do not have Internet Information Services (IIS) installed. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-april-update-unexpectedly-creates-new-inetpub-folder/
-
Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords
by
in SecurityNewsFortinet addressed a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. Fortinet has released security updates to address a critical vulnerability, tracked as CVE-2024-48887 (CVSS score 9.8), in its FortiSwitch devices. A remote attacker can exploit the vulnerability to change administrator passwords. >>An unverified password change vulnerability [CWE-620]…
-
Exploited Windows zero-day addressed on April Patch Tuesday
by
in SecurityNewsMicrosoft delivers fixes for 121 vulnerabilities with 11 rated critical this month. Admins will have extra mitigation work to correct three flaws. First seen on techtarget.com Jump to article: www.techtarget.com/searchwindowsserver/news/366622229/Exploited-Windows-zero-day-addressed-on-April-Patch-Tuesday
-
Patch Tuesday Update April 2025
by
in SecurityNewsIn total, including third-party CVEs, in this Patch Tuesday edition, Microsoft published 134 CVEs, including 9 republished CVEs. Overall, Microsoft announced one Zero-Day, 11 Critical, and 113 Important vulnerabilities. From an Impact perspective, Escalation of Privilege (EoP) vulnerabilities accounted for 39%, followed by Remote Code Execution (RCE) at 28% and Information Disclosure (ID) at 13%….…
-
WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401)
by
in SecurityNewsWhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/whatsapp-vulnerability-windows-cve-2025-30401/
-
Unicorn Bug: Erster Angriff in freier Wildbahn
by
in SecurityNewsVor kurzem hat Microsoft ein Patch für eine kritische Schwachstelle veröffentlicht, die im Internet Explorer (IE) eine Remote-Code-Execution ermöglicht. Die Schwachstelle, bekannt als Unicorn Bug CVE-2014-6332, wurde bereits im Mai dieses Jahres von einem Forscher des IBM X-Force Security Teams entdeckt. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/11/25/unicorn-bug-erster-angriff-freier-wildbahn/
-
New Adobe Security Update Fixes Critical Exploits, Don’t Delay Your Update
by
in SecurityNewsAdobe has released a new security update addressing 30 vulnerabilities across various products, including multiple critical-severity bugs in ColdFusion versions”¯2025, 2023 and 2021 that could result in arbitrary file read and code execution. This Adobe security update includes patches for critical issues that could lead to code execution, arbitrary file system access, memory leaks, and…
-
Microsoft Security Update Summary (8. April 2025)
by
in SecurityNewsMicrosoft hat am 8. April 2025Sicherheitsupdates für Windows-Clients und -Server, für Office sowie für weitere Produkte veröffentlicht. Die Sicherheitsupdates beseitigen 121 Schwachstellen (CVEs), eine davon wurde als 0-day klassifiziert. Diese Schwachstelle wurde bereits angegriffen. Nachfolgend findet sich ein … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/microsoft-security-update-summary-8-april-2025/
-
ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider
by
in SecurityNewsIndustrial giants Siemens, Rockwell, Schneider and ABB have released their March 2025 Patch Tuesday ICS security advisories. The post ICS Patch Tuesday: Vulnerabilities Addressed by Rockwell, ABB, Siemens, Schneider appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ics-patch-tuesday-vulnerabilities-addressed-by-rockwell-abb-siemens-schneider/
-
April 2025 updates break Windows Hello on some PCs
by
in SecurityNewsMicrosoft says some Windows users might be unable to log into their accounts via Windows Hello after installing the April 2025 security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-april-2025-updates-break-windows-hello-on-some-pcs/
-
5 Big Google Cloud Security Announcements At Next 2025
by
in SecurityNewsGoogle Cloud announced its Google Unified Security platform along with new agentic security tools and other updates at Google Cloud Next 2025. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-big-google-cloud-security-announcements-at-next-2025
-
WhatsApp-Update: Nachrichten nun komplett verschlüsselt
by
in SecurityNewsDer Kurznachrichtendienst WhatsApp hat sich in der Vergangenheit nicht gerade mit Ruhm bekleckert, wenn es um die Sicherheit beim Versenden von Nachrichten ging. Das soll sich nun allerdings ändern, denn das aktuelle Update der Android-Version beinhaltet eine freudige Überraschung: eine Ende-zu-Ende-Verschlüsselung. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/11/19/whatsapp-update-nachrichten-nun-komplett-verschlusselt/
-
Microsoft Warns of Ransomware Attacks Exploiting CVE-2025-29824 Zero-Day
by
in SecurityNewsOn April 8, 2025, Microsoft released its monthly security updates, addressing a total of 121 vulnerabilities across various products. Among these, CVE-2025-29824, a zero-day vulnerability in the Windows Common Log File System (CLFS) Driver, has been actively exploited in ransomware… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-29824-zero-day-ransomware-attacks/
-
Word/Excel 2016: Abstürze nach April 2025 Update KB5002700?
by
in SecurityNewsDie Sicherheitsupdates vom 8. April 2025 für Microsoft Office scheinen einige Kollateralschäden zu verursachen. Neben dem Outlook 2016-Kalender-Problem scheint das Microsoft das Office-Update KB5002700 auch Word 2016 sowie Excel 2016 zum Absturz zu bringen. Office 2016 Update KB5002700 Das Update … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/word-2016-abstuerze-nach-april-2025-update-kb5002700/
-
Patchday: Windows Server-Updates (8. April 2025)
by
in SecurityNewsAm 8. April 2025 (zweiter Dienstag im Monat, Patchday bei Microsoft) wurden verschiedene kumulative Updates für die unterstützten Versionen von Windows Server freigegeben. Nachfolgend habe ich die bereitgestellten Updates samt einigen Details für diese Windows Server-Versionen (von Windows Server 2012 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/atchday-windows-server-updates-8-april-2025/
-
Vulnerabilities Patched by Ivanti, VMware, Zoom
by
in SecurityNewsIvanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday. The post Vulnerabilities Patched by Ivanti, VMware, Zoom appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vulnerabilities-patched-by-ivanti-vmware-zoom/
-
Adobe Security Update: Patches Released for Multiple Product Vulnerabilities
by
in SecurityNewsAdobe has announced critical security updates for several of its popular software products, addressing vulnerabilities that could potentially be exploited by attackers. The Product Security Incident Response Team (PSIRT) has urged all users to apply these updates immediately to protect their systems and data. These updates are part of Adobe’s ongoing commitment to ensuring the…
-
Microsoft Drops Another Massive Patch Update
by
in SecurityNewsA threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-drops-another-massive-patch-update
-
Outlook 2016: Kalender-Zugriff nach April 2025-Update KB5002700 gesperrt
by
in SecurityNewsZum 8. April 2025 hat Microsoft das Office-Update KB5002700 veröffentlicht, um eine Reihe Schwachstellen in Microsoft Office 2016 zu schließen. Nach Installation dieses Updates ist kein Zugriff auf dem Kalender mehr möglich. Es gibt aber einen schnellen Workaround, einfach die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/outlook-2016-kalender-zugriff-nach-april-2025-update-kb5002700-gesperrt/
-
Patchday: Windows 10/11 Updates (8. April 2025)
by
in SecurityNewsAm 8. April 2025 (zweiter Dienstag im Monat, Patchday bei Microsoft) hat Microsoft kumulative Updates für die noch unterstützten Client-Betriebssystem-Versionen von Windows 10 und Windows 11 veröffentlicht. Hier einige Details zu diesen Updates, die Schwachstellen sowie Probleme beheben sollen. Updates … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/09/patchday-windows-10-11-updates-8-april-2025/
-
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
by
in SecurityNewsCISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog. The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-urges-urgent-patching-for-exploited-centrestack-windows-zero-days/
-
Zero-day bug used in ransomware attacks on US real estate firms
by
in SecurityNewsMicrosoft published a blog post on Tuesday about the bug alongside its larger Patch Tuesday release, detailing how hackers exploited the vulnerability and used a strain of malware called PipeMagic before deploying ransomware on victims. First seen on therecord.media Jump to article: therecord.media/microsoft-zero-day-used-ransomware-attack-real-estate
-
Google Patches Two Zero-Days in April 2025 Android Security Update
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/google-patches-two-zero-days-in-april-2025-android-security-update
-
The SQL Server Crypto Detour
by
in SecurityNews
Tags: access, api, backup, credentials, crypto, cryptography, data, encryption, jobs, microsoft, password, service, sql, tool, update, vulnerability, windowsAs part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was approached with an interesting problem. A SQL Server database backup for a ManageEngine’s…