372 matches found
Update mechanism Passwordstate compromised
Click Studios, the manufacturer of Passwordstate, has announced announced that its automatic update mechanism has been abused to offer malicious files for download. If you meet these criteria: - you are currently using version 9.1 build 9117, - Passwordstate applies updates automatically, - and t...
Security Updates for Microsoft Excel Products (April 2021)
The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - Microsoft Office Remote Code Execution Vulnerability CVE-2021-28449 - Microsoft Excel Remote Code Execution Vulnerability CVE-2021-28451, CVE-2021-28454, CVE-2021-28456 Note that...
Security Updates for Outlook (April 2021)
The Microsoft Outlook application installed on the remote host is missing security updates. It is, therefore, affected by a memory corruption vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable...
PT-2021-4051 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.7.1 Description: The issue is related to the exposure of information in WordPress, a content management system. It involves the exploitation of a block in the WordPress editor, which can expose password-protected...
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...
Dr.Web Security Space 数据伪造问题漏洞
Doctor Web Dr.Web Security Space is an application of the Russian company Doctor Web. Dr.Web Security Space is an application from the Russian company Doctor Web that provides a unified protection of all nodes of an enterprise network. A security vulnerability exists in Dr.Web Security Space...
Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws
For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and...
Auto-Update Fails with Citrix Workspace App 2012 for Windows
This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Automatic updates from Citrix Workspace app 2012 for Windows fails with the error "Could not load fi...
Citrix Secure Mail for Android Security Update
Description of Problem Vulnerabilities have been discovered in CitrixSecure Mailfor Androidthatcould allowunauthorisedaccessto datawithinCitrix Secure Mail. These vulnerabilities have the following identifiers: CVE ID| Description| Vulnerability Type| Pre-conditions ---|---|---|--- CVE-2020-8274|...
Updates to XenVBD Windows I/O driver - For Citrix Hypervisor and XenServer
Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest version The following versions of XenVBD are the latest that are available through Windows Automatic...
Updates to XenBus Windows I/O driver - For Citrix Hypervisor and XenServer
Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest versions The following versions of XenBus are the latest that are available through Windows Automatic...
Updates to XenVIF Windows I/O driver - For Citrix Hypervisor and XenServer
Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest version The following versions of XenVIF are the latest that are available through Windows Automatic...
Patch Tuesday - November 2020
Jumping right back to a triple digit volume of vulnerabilities resolved, Microsoft covers 112 CVEs this November affecting products ranging from our standard Windows Operating Systems and Microsoft Office products to some new entries such as Azure Sphere. Microsoft CVE-2020-17087: Windows Kernel...
Receiver Updater stops working with "Problem Checking for updates" error
To resolve this issue, download the Receiver auto-update fix located in the latest downloads page. Windows -https://www.citrix.com/downloads/citrix-receiver/windows/receiver-for-windows-latest.html Mac -https://www.citrix.com/downloads/citrix-receiver/mac/receiver-for-mac-latest.html Applicable...
Windows 10 update history
Windows 10 update history Updates for Windows 10 initial version released July 2015 Windows 10 is a service, which means it gets better through periodic software updates.The great news is you usually don’t have to do anything! If you have enabled automatic updates, new updates will automatically...
Windows 10 and Windows Server 2016 update history
Windows 10 and Windows Server 2016 update history Updates for Windows 10 version 1607 and Windows Server 2016 Windows 10 is a service, which means it gets better through periodic software updates.The great news is you usually don’t have to do anything! If you have enabled automatic updates, new...
PCI DSS compliance: why it’s important and how to adhere
PCI DSS is short for Payment Card Industry Data Security Standard. Every party involved in accepting credit card payments is expected to comply with the PCI DSS. The PCI Standard is mandated by the card brands, but administered by the Payment Card Industry Security Standards Council PCI SSC. The...
[SECURITY] Fedora 31 Update: clamav-0.102.4-1.fc31
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...
CVE-2019-15310
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...
Command injection
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...