vulnerabilitiesSix Microsoft vulnerabilities being actively exploited
Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.
Editorial Team
Kaspersky Daily blog editorial team
29 articles
Time to update 7-Zip
Researchers have discovered a vulnerability in the 7-Zip file archiver software.
CVE-2024-10924: vulnerability on around four million sites
A vulnerability that permits bypassing authentication has been found in a popular security hardening plugin for WordPress.
CVE-2024-43451 and other reasons to update ASAP
Exploitation of vulnerability CVE-2024-43451 allows an attacker to steal an NTLMv2 hash with minimal interaction from the victim.
LinuxMalicious code discovered in Linux distributions
A backdoor implanted into XZ Utils has found its way into popular Linux distributions.
Glibc library vulnerability published
A vulnerability in the glibc library affects most major Linux distributions.
CVE-2017-11882: five years of exploitation
It means that some companies still have not installed MS Office patches that were published 5 years ago.
Band-aid on a… corpse: Microsoft patches IE — again
July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.
gamersMinecraft players under attack
Minecraft mods downloaded from several popular gaming websites contain dangerous malware. What we know so far.
CVE-2023-28252 zero-day vulnerability in CLFS
Kaspersky experts discover a CLFS vulnerability being exploited by cybercriminals.
supply chainSupply-chain attack on 3CX clients
Cybercriminals are attacking 3CX VoIP telephony software users via trojanized applications.
e-mailMicrosoft planning to block outdated Exchange servers
Microsoft plans to throttle and block email from vulnerable Exchange servers to Exchange Online.
Newly-discovered Signal vulnerabilities — how dangerous are they?
Researchers have found vulnerabilities in the desktop client of the Signal messenger. Let’s see how dangerous they really are.
Vulnerability in Zimbra exploiting ITW
Servers with the Zimbra Collaboration suit installed are being attacked via an archive unpacking tool.
Patches for 64 vulnerabilities in Microsoft products released
It’s time to update! Microsoft patches 64 vulnerabilities in a variety of products and components — from Windows and Office to Defender and Azure.
DogWalk and other vulnerabilities
Microsoft has released patches for more than 140 vulnerabilities, some of which need to be closed as soon as possible.
Follina: office documents as an entrance
New vulnerability CVE-2022-30190, aka Follina, allows exploitation of Windows Support Diagnostic Tool via MS Office files.
DHS recommends patching VMware, probably you should too
The Department of Homeland Security is urging US federal agencies to “patch or remove” a list of VMware products within five days. Probably you should do it too.
Actively exploited vulnerability in Windows
Time to update Windows! Microsoft has released patches for several dozen vulnerabilities, one of which cybercriminals are actively exploiting.
A bunch of vulnerabilities in Windows, one already exploited
Microsoft patches 128 vulnerabilities in a list of products, including Windows and its components.