Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target’s identity and trick the face recognition mechanism into giving them access to the… Article Source https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-hello-authentication-bypass-vulnerability/
Broadcom has released updates addressing a high-severity vulnerability impacting VMware Fusion 13.x software hypervisor instances used for the concurrent operation of other operating systems in macOS, which could be leveraged for arbitrary code… Source link
After testing out the beta versions, Microsft has released a stable Windows 11 update as a 22621.607 (KB5017389) version. Surprisingly, this new update carries a huge bundle of fixes and improvements in comparison to the beta builds. On diving… Article Source https://www.huaweicentral.com/microsoft-releases-windows-11-to-22621-607-update-adds-new-fixes-to-processors-and-internal-system/
In their weekly report from June 26 to July 2, Cyble Research and Intelligence Laboratories (CRIL) analyzed 29 vulnerabilities, including critical and high-severity flaws in Juniper Networks, OpenSSH, and GitLab products. They also highlighted a medium severity vulnerability in Cisco Nexus switches that is being actively exploited, as well as exploits for sale on the … Read more
A new security flaw called “Indirector” has been discovered by researchers at the University of California, San Diego, affecting 12th, 13th, and 14th generation Intel processors. This vulnerability, similar to previous threats like Spectre, Collapse, and Drop, can lead to the leakage of sensitive information from processors. The attack targets the indirect branch indicator (IBI) … Read more
Intel has released a new non-WHQL graphics driver, version 31.0.101.5594, just a few days after the previous release. This update contains a minor fix related to Citrix Workspace. It is important to note that non-WHQL drivers are not certified by Microsoft and may be less stable than WHQL versions. If you do not require the … Read more
Google has released the Chrome 126 update to fix six vulnerabilities, including a high-severity type confusion flaw in the V8 script engine demonstrated at TyphoonPWN 2024 hacking competition. Seunghyun Lee reported this issue and received a $20,000 reward. Other high-severity issues addressed include inappropriate implementation in WebAssembly, out-of-bounds memory access, and use after free in … Read more
Cisco recently addressed vulnerabilities that were used to compromise the German government’s Webex meetings. In early May, it was revealed that threat actors exploited vulnerabilities in the implementation of Cisco Webex software by the German government. This comes after a previous incident in March where Russian-linked actors hacked into a military meeting discussing military support … Read more
Google has released a new update for Chromecast with Google TV, focusing on security and stability. The update, codenamed STTE.240315.002, includes important security patches that increase the Android security patch level until April 2024. This 134 MB update is the fourth in just five months, surpassing the previous year’s update schedule. While the official changelog … Read more
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. The most severe flaw patched today is CVE-2024-22267, a use-after-free flaw in the vbluetooth device demoed by the STAR Labs SG and Theori teams. “A malicious actor with local administrative privileges on … Read more