3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows Read more…
Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities Nov 15, 2023NewsroomPatch Tuesday / Zero-Day Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three Read more…
MS13-080 addresses two vulnerabilities under limited, targeted attacks | MSRC Blog Today we released MS13-080 which addresses nine CVEs in Internet Explorer. This bulletin fixes multiple security issues, including two critical vulnerabilities that haven been actively exploited in limited targeted attacks, which we will discuss in details in this blog Read more…
Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities | MSRC Blog This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update systems. Failing to Read more…
“BadAlloc” – Memory allocation vulnerabilities could affect wide range of IoT and OT devices in industrial, medical, and enterprise networks | MSRC Blog Microsoft’s Section 52, the Azure Defender for IoT security research group, recently uncovered a series of critical memory allocation vulnerabilities in IoT and OT devices that adversaries Read more…
Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server | MSRC Blog November 8, 2022 update – Microsoft released security updates for CVE-2022-41040 and CVE-2022-41082. We recommend that customers protect their organizations by applying the updates immediately to affected systems. The options described in the Mitigations section are no Read more…
Microsoft’s Response to Open-Source Vulnerabilities – CVE-2023-4863 and CVE-2023-5217 | MSRC Blog Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217. Through our investigation, we found that these affect a subset of our products and as of today, we have addressed Read more…