Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before […]
Author Archives: [email protected]
Adam Barnett, CVE-2024-49112, CVE-2024-49138, Fortra, Immersive Labs, Krebs, LDAP, Lightweight Directory Access Protocol, Microsoft Patch Tuesday December 2024, News, Other, Rapid7, Rob Reeves, Security, Tenable, Tyler Reguly, Windows Common Log File System (CLFS) driver
Patch Tuesday, December 2024 Edition
10
Dec
Dec
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that […]
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. […]
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. […]
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. […]
10
Dec
Dec
Hello Windows Insiders, we are beginning to roll out an update for the Microsoft Copilot app for Windows via the Microsoft Store that introduces the following changes and improvements: It’s native: With this update, the previous Copilot progressive web app (PWA) is replaced with a native version. After installing the Copilot app update, when you […]
Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device’s motherboard. […]
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. […]
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […]
The Federal Trade Commission (FTC) is distributing over $72 million in Epic Game Fortnite refunds for the company’s use of dark patterns to trick players into making unwanted purchases. […]