April 14, 2026-KB5082419 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H2 and Windows 10 Version 22H2

April 14, 2026-KB5082419 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H2 and Windows 10 Version 22H2 Revised April 22, 2026: Revised on April 22nd, 2026 to add the known issue section. Release Date: April 14, 2026 Version: .NET Framework 3.5 and 4.8.1 The April 14,...

April 14, 2026-KB5082425 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server 2022

April 14, 2026-KB5082425 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows Server 2022 Release Date: April 14, 2026 Version: .NET Framework 3.5 and 4.8.1 The April 14, 2026 update for Windows Server 2022 includes security and cumulative reliability improvements in .NET Framework 3.5...

April 14, 2026-KB5082413 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019

April 14, 2026-KB5082413 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows 10, version 1809 and Windows Server 2019 Release Date: April 14, 2026 Version: .NET Framework 3.5 and 4.7.2 The April 14, 2026 update for Windows 10, version 1809 and Windows Server 2019 includes security and...

February 10, 2026-KB5074837 Cumulative Update for .NET Framework 4.8.1 for Windows 11, version 26H1

February 10, 2026-KB5074837 Cumulative Update for .NET Framework 4.8.1 for Windows 11, version 26H1 Release Date: February 10, 2026 Version: .NET Framework 4.8.1 The February 10, 2026 update for Windows 11, version 26H1 includes security and cumulative reliability improvements in .NET Framework...

SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...

SideWinder's Shifting Sands: Click Once for Espionage

SideWinder's Shifting Sands: Click Once for Espionage By Ernesto Fernández Provecho and Pham Duy Phuc · October 22, 2025 In September 2025, the Trellix Advanced Research Center ARC detected a campaign targeting a European embassy located in New Delhi, India. Further investigation led to the...

EUVD-2024-26504

Malicious code in bioql PyPI...

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

OneClik: A ClickOnce-Based Red Team Campaign Simulating APT Tactics in Energy Infrastructure By Nico Paulo Yturriaga and Pham Duy Phuc · Updated : June 30, 2025 The Trellix Advanced Research Center previously uncovered what appeared to be a sophisticated APT malware campaign, which we dubbed...

OneClik Red Team Campaign Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Cybersecurity researchers have detailed a new campaign dubbed OneClik that leverages Microsoft's ClickOnce software deployment technology and bespoke Golang backdoors to compromise organizations within the energy, oil, and gas sectors. "The campaign exhibits characteristics aligned with...

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure

OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure By Nico Paulo Yturriaga and Pham Duy Phuc · June 24, 2025 The Trellix Advanced Research Center has uncovered a sophisticated APT malware campaign that we’ve dubbed OneClik. It specifically targets the energy, oil...

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...

CVE-2024-29500

CVE-2024-29500 concerns the Secure Lockdown Multi Application Edition (Inteset) v2.00.219, where the kiosk mode permits an attacker to execute arbitrary code by running a ClickOnce application instance. The initial description and connected sources consistently state this is tied to the kiosk mod...

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...

PT-2024-22927 · Unknown · Secure Lockdown Multi Application Edition

Name of the Vulnerable Software and Affected Versions: Secure Lockdown Multi Application Edition version 2.00.219 Description: An issue in the kiosk mode of Secure Lockdown Multi Application Edition allows attackers to execute arbitrary code via running a ClickOnce application instance...

Inteset Systems Secure Lockdown 安全漏洞

Inteset Systems Secure Lockdown is a Windows lockdown utility from Inteset Systems, Inc. Allows access to only desired applications from a highly customizable menu. A security vulnerability exists in Inteset Systems Secure Lockdown version v2.00.219, which stems from a vulnerability that allows a...

CVE-2024-29500

An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance...

September 12, 2023—KB5030211 (OS Builds 19044.3448 and 19045.3448) - EXPIRED

September 12, 2023—KB5030211 OS Builds 19044.3448 and 19045.3448 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. -...

Security Updates for Microsoft .NET Framework (August 2023)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - A remote code execution vulnerability in applications running on IIS using their parent application's Application Pool which can lead to...