patch Archives - HackerSecret.com - The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

Google looks at bypass in Chromium’s ASLR security defense, throws hands up, won’t patch garbage issue

Engineers write off GC abuse because Spectre broke everything anyway In early November, a developer contributing to Google’s open-source Chromium project reported a problem with Oilpan, the garbage collector for the browser’s Blink rendering engine: it can be used to break a memory defense known as address space layout randomization (ASLR).… The Register – Security

Tripwire Patch Priority Index for February 2021

Tripwire’s February 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Apache, VMware and Microsoft. First on the patch priority list this month is a patch for Apache Tomcat. The Apache Tomcat “Ghostcat” vulnerability, identified as CVE-2020-1938, has been recently added to the Metasploit Exploit Framework. Next on the list are patches for ESXi […]

Patch now! Exchange servers attacked by Hafnium zero-days

Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Microsoft attributes the attacks to a group they have dubbed Hafnium. “HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, […]

Patch your Exchange email server now! flaws exploited by hackers to download corporate email

Microsoft has released emergency security patches for four zero-day vulnerabilities in its Exchange email server software, widely used by businesses. Graham Cluley

March 2021 Patch Tuesday forecast: Off to an early start

Microsoft got an early start on Patch Tuesday, releasing a series of out-of-band security updates this week to address four zero-day vulnerabilities in Exchange Server. There’s been a lot of security activity in the news, so I’m sure it is going to be a busy Patch Tuesday. The Microsoft Security Response Center reported known attacks […]