Microsoft asserts that while two of the vulnerabilities (CVE-2014-1770 3 min Microsoft Patch Tuesday - May 2014 - Lots going on There is a lot going on in the updates from Microsoft this month, including some very interesting and long time coming changes. Also, it's the highest volume...
Read about the latest risks regarding Vulnerabilities and exploits, and find helpful solutions from the digital security experts at Microsoft Security Blog.
New Critical Microsoft IE Zero-Day Exploits in Metasploit We've been noticing a lot of exploit activities against Microsoft vulnerabilities lately. We decided to look into some of these attacks, and released two modules for CVE-2012-1889 [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20...
Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months. "Most of the vulnerabilities and exploits that yo...
vulnerabilities, collectively tracked as CVE-2024-38271 (CVSS score: 5.9) and CVE-2024-38272 (CVSS score: 7.1), was that they could have been fashioned into an exploit chain to obtain arbitrary code execution on Windows hosts. Quick Share (previously Nearby Share) is a peer-to-peer file-...
The security vulnerability has also been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog on February 4, 2025. The vulnerability can be exploited remotely over the network, with low complexity and without any user interaction, making it relatively easy to exploit once the target is ...
Sign inSubscribe Latest Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action Latest News on Ivanti Cloud Vulnerabilities and Exploits Active Exploitation of Ivanti Cloud Service Appliances (CSA) Vulnerabilities The Cybersecurity and Infrastructure Security Agency (CISA) and...
include vulnerabilities. Applications running inside of containers may be outdated, unpatched or unsecure. They may even contain hidden malware. And if a hacker breaks into just one container or gains access to the host, they could potentially gain control of every container running in a...
This update follows Apple's ongoing efforts to shore up security. Earlier in the year, it patched two other zero-day vulnerabilities, CVE-2025-24085 and CVE-2025-24200. The quick response demonstrates Apple's vigilance in addressing security threats and reducing the risk of further exploits. ...
Two of the active exploits are information disclosure vulnerabilities, both in Windows NTFS. CVE-2025-24984 allows bad actors with physical access to a device to read memory and steal data when a malicious USB drive is inserted, while CVE-2025-24991 is exploited when a user mounts a malicious...