0patch released the fix for the remote code execution vulnerability in Windows, which has a CVSS score of 7.8.
Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems.
The unpatched flaw allows an attacker to delete any kind of file on a victim machine, including system data.
Simple technique enables attackers to leverage Windows OS component to maintain stealth and persistence post system compromise.
The update also features 23 security fixes.
A fake Adobe update actually updates victims’ Flash – but also installs malicious cryptomining malware.
A newly discovered malware has different capabilities for Windows and Linux systems, including ransomware and cryptomining.
This week’s news includes a Microsoft zero-day flaw and Yahoo’s recent email privacy snafu.
A Windows task scheduler API function does not check permissions – so any potential local bad actor can alter them to gain elevated privileges.
Misconfigured DIY smart-home hubs for home automation could allow attackers to track owners’ movements, see if smart doors and windows are opened or closed, and even open garage doors.