Since the start of June there has been a confusing number of security vulnerabilities reported in the Windows Print Spooler. Let me explain what is going on. CVE-2021-1675 This is the vulnerability that caused some initial confusion – a Remote Code Execution vulnerability in the Windows Print Spooler. This is not the vulnerability known as […]
The PrintNightmare continues Read More »
July is another bumper month for Microsoft as they ship fixes for 117 security vulnerabilities, 13 of them rated as critical and at least 4 are currently under active attack by cyber criminals. The actively exploited vulnerabilities patched this month are: CVE-2021-34527 – Windows Print Spooler RCE Vulnerability – aka PrintNightmare It’s third time lucky
Microsoft’s July Patches fix 13 critical flaws Read More »
Microsoft has released an emergency patch that addresses the remote code execution vulnerability in the Windows Print Spooler, known as the PrintNightmare. According to Microsoft in their security advisory: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run
Microsoft releases emergency patch for PrintNightmare Read More »
A new report from Microsoft’s security research team details how the Netgear DGN-2200 broadband router can be compromised remotely, allowing attackers access to the internal network. Microsoft’s 365 Defender Research Team has published a detailed report that explains the flaws they discovered in the firmware of the Netgear DGN-2200v1 ADSL router, that enables a remote
Netgear broadband router vulnerable to remote compromise Read More »
The June security updates include 7 zero-day exploits fixed in Microsoft code, 5 high-severity bugs in Intel BIOS firmware and Security Library, and 21 critical vulnerabilities fixed in Adobe products. Microsoft Updates The June 2021 security updates from Microsoft resolves 7 zero-day vulnerabilities- six of them known to be exploited in the wild – and
June Patch Tuesday and Vulnerability Roundup Read More »
Hewlett Packard Enterprise has released a patch to fix a critical remote code execution vulnerability in the Windows version of their System Insight Manager. The bug in the Federated Search and CMS Configuration (CVE-2020-7200) feature of version 7.6.x of HPE SIM, has a critical CVSS score of 9.8. According to the security advisory from HPE,
HPE patches RCE 0day in SIM software Read More »
A report from PaloAlto Networks coins a new security metric: Mean Time to Inventory in order to highlight the incredible speed with which attackers are now targeting new vulnerabilities as soon as they are publicly disclosed. The report is based on three month’s monitoring of 50 million IP addresses owned by global enterprises in order
What is Mean Time To Inventory? Read More »
21 critical vulnerabilities have been discovered in the Exim Email server, some of which can be exploited to perform full remote unauthenticated code execution and gain root privilege on the server. Called 21Nails, this set of vulnerabilities is, to the Unix world, as serious as the ProxyLogon vulnerabilities recently discovered in Microsoft Exchange Server. The
Exim Mail Server 21Nails critical vulnerabilities Read More »
For the last 12 years, a driver deployed on millions of Dell computer systems contains 5 severe vulnerabilities which can be exploited to take over the system. First reported by researchers at SentinelOne, the vulnerabilities allow a local user to escalate their privilege and obtain admin rights on the Windows operating system. The vulnerabilities are
Millions of Dell systems vulnerable Read More »
Apple has released MacOS 11.3 which patches a critical zero-day bug that allows malware to bypass the built in Gatekeeper and Notarization protections designed to protect users from malicious software. The bug is already under active attack from Shlayer malware and because it is trivial to replicate, you can expect to see a slew of
Apple patches critical zero-day in MacOS Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.