About Elevation of Privilege - Desktop Window Manager (CVE-2026-21519) vulnerability

About Elevation of Privilege - Desktop Window Manager CVE-2026-21519 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Desktop Window Manager is a compositing window manager included in Windows starting with Windows Vista. A Type Confusion error CWE-843 in Desktop...

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. A total of 55 vulnerabilities, half as many as in January. There are as many as six ❗️ vulnerabilities being exploited in the wild: 🔻 SFB/RCE - Windows Shell CVE-2026-21510 🔻 SFB/RCE - Microsoft Word CVE-2026-21514 🔻 SFB - MSHTML Framework CVE-2026-21513 🔻 EoP -...

Patch Tuesday: Microsoft Fixes 63 Bugs with 2 Zero-Days

Microsoft's February Patch Tuesday addresses 63 security vulnerabilities, including two actively exploited zero-days. Update your systems now to…...

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra aka DarkCasino targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails...

PT-2020-11391 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 8.0 through 10 Description: The issue is related to a possible out of bounds write due to an incorrect bounds calculation in the Bluetooth stack, which could lead to remote code execution over Bluetooth with no additional...

Microsoft February Patch Tuesday : Two critical and Three Important Security Updates

Today Microsoft has released Security Bulletin Advanced Notification for February 2014 Patch Tuesday. The notification dictates five bulletins out of which two have critical Remote Code Execution and rest are important in aspect to severity of security flaw. A Remote Code Execution vulnerability...

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update

Oracle will not patch a critical sandbox escape vulnerability in Java SE versions 5, 6 and 7 until its February Critical Patch Update, according to the researcher who discovered the flaw. Adam Gowdiak of Polish security firm Security Explorations told Threatpost via email that Oracle said it was...

Microsoft Fixes Critical IE, Windows Bugs with February Patch Tuesday

Microsoft released nine security updates Tuesday, four critical; five important, fixing 21 different holes in various applications with its February patch release. The four critical fixes deal with vulnerabilities in the company’s Windows, Internet Explorer, .NET Framework and Silverlight program...