Cyber Security Information Portal
Microsoft Releases October 2023 Security Updates 11/14/2023 04:00 PM EST Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2023 Security Update Guide and apply the necessary updates. This …
Continue reading “Microsoft Releases October 2023 Security Updates”
CISA Adds Three Known Exploited Vulnerabilities to Catalog 11/14/2023 03:30 PM EST CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36033 Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability CVE-2023-36025 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36036 Microsoft Windows Cloud Files Mini Filter Driver Privilege …
Continue reading “CISA Adds Three Known Exploited Vulnerabilities to Catalog”
CISA Adds Three Known Exploited Vulnerabilities to Catalog 11/14/2023 03:30 PM EST CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36033 Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability CVE-2023-36025 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2023-36036 Microsoft Windows Cloud Files Mini Filter Driver Privilege …
Continue reading “CISA Adds Three Known Exploited Vulnerabilities to Catalog”
Vulnerability Summary for the Week of October 9, 2023 10/16/2023 07:09 AM EDT High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source & Patch Info 3ds — teamwork_cloud_no_magic_release A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions …
Continue reading “Vulnerability Summary for the Week of October 9, 2023”
Microsoft Releases October 2023 Security Updates 10/10/2023 07:00 PM EDT Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s October 2023 Security Update Guide and apply the necessary updates. …
Continue reading “Microsoft Releases October 2023 Security Updates”
CISA Adds Five Known Vulnerabilities to Catalog 10/10/2023 06:30 PM EDT CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability CVE-2023-41763 Microsoft Skype for Business Privilege Escalation Vulnerability CVE-2023-36563 Microsoft WordPad …
Continue reading “CISA Adds Five Known Vulnerabilities to Catalog”
CISA Adds Five Known Vulnerabilities to Catalog 10/10/2023 06:30 PM EDT CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-21608 Adobe Acrobat and Reader Use-After-Free Vulnerability CVE-2023-20109 Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability CVE-2023-41763 Microsoft Skype for Business Privilege Escalation Vulnerability CVE-2023-36563 Microsoft WordPad …
Continue reading “CISA Adds Five Known Vulnerabilities to Catalog”
Microsoft Releases September 2023 Updates 09/12/2023 07:00 PM EDT Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2023 Security Update Guide and apply the necessary updates. …
Continue reading “Microsoft Releases September 2023 Updates”
CISA Adds Two Known Vulnerabilities to Catalog 09/12/2023 06:00 PM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose …
Continue reading “CISA Adds Two Known Vulnerabilities to Catalog”
CISA Adds Two Known Vulnerabilities to Catalog 09/12/2023 06:00 PM EDT CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose …
Continue reading “CISA Adds Two Known Vulnerabilities to Catalog”