In the November 2020 Microsoft security patch release, Microsoft updated its vulnerability information page. Following the new patch information format, below are some of the CVEs included in the November 2021 release:
CVE-2021-42298 - Microsoft Defender Remote Code Execution Vulnerability CVSS:3.1 7.8/6.8
CVE-2021-40461 - Windows Hyper-V Remote Code Execution Vulnerability CVSS:3.1 8.0/7.0
What is the current state of SCADA vulnerabilities? Staying informed is essential in the fight against exploits and cyberattacks with real-world consequences.
Patch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.
Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.