Two months after the alarm sounded warning of a WannaCry-level event, progress in patching exposed Windows systems varies by country and industry.
The update patches critical flaw (CVE-2019-11707), a type confusion vulnerability in the Mozilla Firefox code that Tor uses.
The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000.
Threatpost editors Tara Seals and Lindsey O’Donnell discuss a recent lawsuit against Amazon for its privacy policies, a Telegram DDoS attack and more.
Evernote’s web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users.
The two CVEs allow bypasses to get around NTLM relay attack mitigations.
Researchers have discovered one million devices that are vulnerable to a “wormable” Microsoft flaw, which could open the door to a WannaCry-like cyberattack.
The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices.
Cisco has patched a critical flaw in its virtualized function automation tool, Cisco Elastic Services Controller.
Crestron, Barco wePresent, Extron ShareLink and more wireless presentation systems have an array of critical flaws.