Microsoft has announced the deployment phase for the BlackLotus patch, along wi its details. If you are not aware, BlackLotus is a UEFI Secure Boot vulnerability that affects Windows 11, 10, and more.
Security patches RSS
Microsoft released a security fix for a Group Policy-related vulnerability for the oldest Windows 10 version recently. The patch should be will be deployed via the RSAT Server tool.
Microsoft released Windows security updates for Windows 11 as well as 10 this week via Patch Tuesday. It also rolled out security fixes for Office 2013/2016 that resolve spoofing and more such flaws.
Google has released an emergency security update, which fixes a new Chrome zero-day security vulnerability. The new firmware is rolling out to users in the Stable and Extended stable channel.
Microsoft's August 2023 Exchange Server security update (SUs) had major issues, so much so that the tech giant had to pull the updates. The issue has been resolved with re-published SUs.
_medium.jpg)
Microsoft recently began patching UEFI bootkit vulnerabilities with this month's Patch Tuesday update. The company has now released a helpful guide about blocking such Windows boot managers.
Microsoft has released its blog post about the latest May 2023 Windows Autopatch update. The blog post outlines all the new features and Microsoft says the latest release is its most "impactful".
Microsoft has issued PowerShell scripts for multiple security vulnerabilities on Windows 11 and Windows 10. These are for speculative side channel attack CPU flaws, thirteen in total.
Microsoft and Intel released updated mitigations of MMIO security flaw last month for several Windows 10, Windows 11 and Server versions. For the remaining, the updated files are now available.
Microsoft has issued an update today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw.
Microsoft has issued a reminder today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw.
Microsoft, today, has released additional helpful resources regarding DCOM hardening, which has been in place since 2021. This comes a month after the company issued a reminder about the changes.
_medium.jpg)
Microsoft has released a couple of PowerShell scripts to address a BitLocker bypass security vulnerability issue. In its bulletin, the company has explained the differences between the two scripts.
The new security updates were released to deal with some vulnerabilities that were found and reported by Intel way back in June 2022, but are only just now getting patched by Microsoft.
AMD's Zen 4 has been tested with the various Spectre variant mitigations and the performance is surprisingly good. In fact, overall, the Ryzen 7950X has managed to beat the unpatched system.
Apple has sent out iOS and iPadOS 15.7, and macOS 12.6. These contain security patches that are already in iOS 16. Apple has two reasons for seeding incremental updates alongside latest versions.
Apple has released small updates for its iPhone, iPad, and Mac devices. macOS 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 address security vulnerabilities that exist within the Kernel and WebKit.
With Patch Tuesday recently, Microsoft released the KB5012170 update which adds new vulnerable UEFI signatures to the Secure Boot DBX. The newly added signatures are related to the GRUB vulnerability.
Users with supported Nvidia graphics cards and now-unsupported Windows 7 and 8 can download fresh drivers that bring security patches for unknown vulnerabilities without any game-related improvements.
Nearly all Android smartphones and devices packing MediaTek or Qualcomm with a Security Patch dated prior to December 2021 remain vulnerable to an RCE security bug that can allow eavesdropping.
Testing the new retpoline mitigation on AMD for Spectre v2 shows that the performance loss with the new patch is nowhere nearly as big as the performance impact incurred by Intel processors.
A new CPU exploit based on the infamous Spectre v2 has been discovered. However, when the security patch is applied it can affect performance by up to 36%, that's according to a recent study.
Despite Android security patches being released monthly, OEMs may not update their devices at the same rate. Now, Google is baking security patching into agreements with OEMs to improve the situation.
Users with a Pixel 2 phone are more than likely to experience failure to connect or a disconnect 'mid-drive' with the Android Auto display, and after some investigating, Google says a fix is coming.
In a highly unusual move, Microsoft has once again released security patches for unsupported versions of Windows, including XP and Vista. It has also warned of state-sponsored cyberattacks.
In a "highly unusual" move, Microsoft has published a security patch for Windows XP, Windows 8, and Windows Server 2003, preventing further spread of the 'WannaCry' ransomware attack.
Google's Android Security report for 2016 acknowledges that "there's still a lot of room for improvement" in how devices are updated, but says it's made good progress, and will continue to do so.
Owners of the Galaxy A8 and Galaxy J5 (2016) are still waiting for Android 7.0 Nougat to arrive - but in the meantime, Samsung is keeping their devices safe with the latest Android security updates.
Google has announced the February Security Patch Level OTA update for supported devices, the update contains a fix for a "Remote Execution" vulnerability, as well as bunch of others.
Thirteen months after Marshmallow's release, AT&T has finally made the update available for the Samsung Galaxy Tab S 10.5, including the September security patches and NumberSync support.
It emerged last week that Verizon would be handling OS updates for Google's new flagship phones. But both Google and the carrier have now assured buyers that those updates will roll out without delay.
Trend Micro has reported that attackers part of a foreign cyber espionage campaign, referred to by the company as Pawn Storm, have leveraged an exploit discovered in Adobe's Flash Player software.
Microsoft has re-released several security bulletins it launched last week to fix issues that were discovered after they were issued, in a trend that has some security experts concerned.
DigiNotar, the Dutch certificate authority, was hacked recently, generating fake security certificates for hundreds of websites. Adobe has a solution: Patch DigiNotar out.
As Windows 10 approaches end of life, Microsoft targets more users with full-screen ads
Windows 11 build 27754 is out with modernized Windows Hello, new taskbar features, more
Windows 11 audio bug blasts users with 100% volume, Microsoft confirms
Microsoft's free Bing Wallpaper app for Windows is borderline malware
Recommended by 
We're on Mastodon!
We're on Mastodon!