Jump to content
  • Our picks

    • Microsoft and Google have both released new Stable Channel Builds that patch a critical Chromium-based Use-After-Free (UAF) vulnerability which could allow attackers to execute arbitrary code upon successful exploitation. For Edge, it is version 94.0.992.31, while for Google Chrome, it is version 94.0.4606.61. The new builds are based on Chromium version 94.0.4606.54.
       
      The vulnerability has been assigned the ID "CVE-2021-37973" and the flaw was discovered by a Google Security engineer Clément Lecigne with assistance from Sergei Glazunov and Mark Brand, among others.
       
      Google states it found the UAF vulnerability in its Portals feature and according to CERT, "a remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system".
      • 0 replies
    • Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads.
       
      "Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code — which is used in a number of security scanning products," Google Threat Analysis Group's Neel Mehta said in a write-up published on Thursday.
       
      The new mechanism was observed to be exploited by a notorious family of unwanted software known as OpenSUpdater that's used to download and install other suspicious programs on compromised systems. Most targets of the campaign are users located in the U.S. who are prone to downloading cracked versions of games and other grey-area software.
      • 0 replies
    • Microsoft is today releasing a Beta channel build. While the Dev channel got Windows 11 build 22458 yesterday, the beta channel is being served a cumulative update, bumping up the build number to 22000.194. This is to be expected since the version heading to the Beta channel is in its final stages of development, being made ready for the October 5 release. However, the version will continue receiving cumulative updates with bug fixes post-release, especially since the release is a staggered one.
       
      As for the fixes themselves, there's a few that are listed below, but readers might need to be aware that this build also introduces the TPM requirements in Virtual Machines, meaning updates will be blocked if you are running Windows 11 in anything but VMWare Workstation Pro or Hyper-V Manager that is included in Windows 10 Pro and Enterprise editions of Windows.
    • We take a deep-dive into the aftermath of the T-Mobile breach
       
      T-Mobile’s most recent data breach leaked the personal information of 53 million people, with names, addresses and even social security numbers leaked online. 
       
      Those affected face not only the risk of identity theft, but also the growing threat of SIM-swapping that can allow attackers to hijack their online accounts. 
       
      While security experts have given consumers advice about how to protect themselves, some well known companies are actively preventing them from securing their accounts.
      • 0 replies
    • Windows 11 Requirements Check Tool is a new portable program for computer systems running Windows 8.1 or Windows 10. It compares the computers hardware with Microsoft's requirements for the company's Windows 11 operating system.
       
      It offers a quick option to check if a PC is compatible with Windows 11. If that is all that is required, it is as good a tool as any for the job as it displays whether the device is compatible with Windows at the top of the window when it is run.
      • 3 replies
×
×
  • Create New...