Patch

Logfile management is no fun. Now it's a nightmare thanks to critical-rated VMware flaws

You know the drill: patch before criminals use these bugs in vRealize to sniff your systems

Patches25 Jan 2023 |

Apple emits emergency patch for older iPhones after snoops pounce on WebKit hole

Also: Yay for Data Privacy Day!

Security24 Jan 2023 | 14

Thousands of Sophos firewalls still vulnerable out there to hijacking

Updated As hundreds of staff axed this week

Security18 Jan 2023 | 3

First Patch Tuesday of the year explodes with in-the-wild exploit fix

Patch Tuesday Plus: Intel, Adobe, SAP and Android bugs

Patches11 Jan 2023 | 20

Here's how to remotely take over a Ferrari...account, that is

Connected cars. What could possibly go wrong?

Security07 Jan 2023 | 86

Microsoft ain't the only one squashing exploited-in-the-wild bugs this month

Patch Tuesday Plus there's a PoC for this unpatched Cisco bug

Patches14 Dec 2022 | 11

Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeover

Take a break from the gaming and fix these now

Patches01 Dec 2022 | 5

Sirius XM flaw unlocks so-called smart cars thanks to code flaw

Telematics program doesn't just give you music, but a big security flaw

Security30 Nov 2022 | 25

OpenSSL downgrades horror bug after week of panic, hype

Relax, there's more chance of Babbage coming back to life to hack your system than this flaw being exploited

Patches01 Nov 2022 | 3

Unofficial fix emerges for Windows bug abused to infect home PCs with ransomware

Broken code signature? LGTM, says Microsoft OS

Patches01 Nov 2022 | 17

Sophos fixes critical firewall hole exploited by miscreants

Code-injection bug in your network security... mmm, yum yum

Patches28 Sep 2022 | 9

EU puts smart device manufacturers on the hook for cyber security

Requires five years of patching, 24 hour incident reporting, and proper security … for starters

Systems16 Sep 2022 | 69

One month after Black Hat disclosure, HP's enterprise kit still unpatched

What could go wrong with leaving firmware open after world's biggest hacker convention talk?

Security13 Sep 2022 | 12

Apple patches iPhone and macOS flaws under active attack

High-value targets tend to get hit

Security12 Sep 2022 | 13

Critical hole in Atlassian Bitbucket allows any miscreant to hijack servers

Grab and deploy this backend update if you offer even repo read access

Patches29 Aug 2022 | 6

If you haven't patched Zimbra holes by now, assume you're toast

Here's how to detect an intrusion via vulnerable email systems

Patches23 Aug 2022 |

Google, Apple squash exploitable browser bugs

Chrome flaw has public exploit, WebKit hole actively abused along with kernel escalation

Patches17 Aug 2022 | 8

Palo Alto bug used for DDoS attacks and there's no fix yet

There goes the weekend...

Security12 Aug 2022 | 5

Warning! Critical flaws found in US Emergency Alert System

DEF CON may be about to blow lid off security hole

Patches05 Aug 2022 | 14

VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws

Meanwhile, a security update for rsync

Patches03 Aug 2022 | 1

FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft

Internet-connected MDM instances, each with an 'unrestricted number' of managed devices, were vulnerable

Security27 Jul 2022 | 5

CISA pulls the fire alarm on Juniper Networks bugs

Hate to ruin your Friday

Patches15 Jul 2022 | 3

How a botched kernel patch broke Ubuntu – and why it may happen again

Panic! at the distro

OSes08 Jul 2022 | 41

How refactoring code in Safari's WebKit resurrected 'zombie' security bug

Fixed in 2013, reinstated in 2016, exploited in the wild this year

Research21 Jun 2022 | 14

Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina

About 35-40% of iGiant's desktop OS installs potentially vulnerable, says Intego

Patches06 Apr 2022 | 69

Adobe warns of second critical security hole in Adobe Commerce, Magento

As sanctioned Russian infosec firm says it has working exploit code

Security18 Feb 2022 | 19

VMware patches critical guest-to-host vulnerabilities

Time to fix code like it's 2020

Virtualization17 Feb 2022 | 3

Microsoft patches Y2K-like bug that borked on-prem Exchange Server

Happy New Year. Welcome back! Now apply this patch – which Microsoft warns isn't easy – if you want email to work

Software03 Jan 2022 | 33

Expired cert breaks Windows 11 snipping tool, emoji panel, S Mode features, other stuff

And we're talking about shipped code, not some Insider beta, here

OSes04 Nov 2021 | 64

Patch now? Why enterprise exploits are still partying like it's 1999

Feature Am I only dreaming, or is this burning an Eternal Blue?

Security08 Sep 2021 | 28

SolarWinds issues software update – one it wrote for a change – to patch hole exploited in the wild

'Single threat actor' already abusing RCE flaw, Microsoft reports

Security12 Jul 2021 | 9

Apple patches macOS flaw exploited by malware to secretly snap screenshots

Bug can also be abused to record audio and video, access files – and iOS, iPadOS updated, too

Security24 May 2021 | 12

Microsoft says Outlook hit by 'email visibility issues' – as in, they're blank

Here's an unofficial fix for those who need their messages now

Applications12 May 2021 | 17

Partial beer print horror as Microsoft's printer bug fix, er, doesn't

Updated Bugs, patchually: Just when you thought it was safe to print from Windows

Software18 Mar 2021 | 82

Now it is F5’s turn to reveal critical security bugs – and the Feds were quick to sound the alarm on these BIG-IP flaws

Remote code execution, denial of service, API abuse possible. Meanwhile, FBI pegs China for Exchange hacks

Security11 Mar 2021 | 11

As the world descends into madness, it's good to see some things never change: Monthly Android patches

Qualcomm bugs among the worst – including a critical hole in wireless networking

Security04 Aug 2020 | 16

You, Apple Mac fan. Put down the homemade oat-milk latte, you need to patch a load of security bugs, too

Patch Thursday is for you, Patch Tuesday is for everyone else

OSes28 May 2020 | 6

How to make a stranger's insecure 3D printer halt-and-catch-fire – plus more alerts from infosec world

Roundup San Francisco Airport websites hacked, VMware patches emitted, etc

Security13 Apr 2020 | 24

Oi, Cisco! Who left the 'high privilege' login for Smart Software Manager just sitting out in the open?

Critical fix for static credential headlines latest patch rollout

Security19 Feb 2020 | 9

Updated your WordPress plugins lately? Here are 320,000 auth-bypassing reasons why you should

Another day, another critical set of flaws

Security15 Jan 2020 | 20

ATTK of the Pwns: Trend Micro's antivirus tools 'will run malware – if its filename is cmd.exe'

Video Try not to save files to your Windows PC called cmd.exe or regedit.exe

Security21 Oct 2019 | 28

Cisco cleans up critical flaws, Florida city forks out $600k to ransomware scumbags, and more from infosec land

Roundup Your quick guide to what else has been happening in computer security lately

Security24 Jun 2019 | 7

Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants

Just make sure you're running the latest version

Security18 Jun 2019 | 41

Sophos antivirus tools. Working Windows box. Latest Patch Tuesday fixes. Pick two: 'Puters knackered by bad combo

Updated Two weeks and no sign of a proper solution, Avast and McAfee affected, too

OSes24 Apr 2019 | 66

Cisco whispers the three little words to really get an ASR 9000 net admin's blood pumping: Remote unauthenticated access

Critical patch available now for those with vulnerable kit

Networks18 Apr 2019 | 8

We don't know whether 737 Max MCAS update is coming or Boeing: Anti-stall safety fix delayed

Airlines will have to wait few more weeks to get new code as engineers need more time

Software02 Apr 2019 | 106

Security storm brewing for Oracle Java-powered smart cards: More than a dirty dozen flaws found, fixes... er, any fixes?

Vuln hunters warn malicious applets can bust through protections, snoop on or hijack access gizmos

Security22 Mar 2019 | 37

Bad cup of Java leaves nasty taste in IBM Watson's 'AI' mouth: Five security bugs to splat in analytics gear

Worst brew than that time El Reg went on a road trip and stopped at a Denny's

Security18 Mar 2019 | 4

Just a reminder: We're still bad at securing industrial controllers

Moxa boxes caught using plain text passwords and insecure web apps

Security11 Mar 2019 | 15

Behold… a WinRAR security bug that's older than your child's favorite YouTuber. And yes, you should patch this hole

Bet all two of you who paid to activate your copy are feeling a little cheesed off at this 14-year-old undetected flaw

Security20 Feb 2019 | 23

Oh Snapd! Gimme-root-now security bug lets miscreants sock it to your Ubuntu boxes

Get an update, or risk giving a dodgy user or malware an upgrade

OSes14 Feb 2019 | 56

Fun fact: GPS uses 10 bits to store the week. That means it runs out... oh heck – April 6, 2019

Nav gadgets will be Gah, Properly Screwed if you don't or can't update firmware

On-Prem12 Feb 2019 | 302

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks

Disable redirects before applying update

OSes22 Jan 2019 | 35

Old bugs, new bugs, red bugs … yes, it's Oracle mega-update day again

Out of 284 flaws, 33 are rated critical. Big Red admins have big patches ahead

Security18 Jan 2019 | 2

Got a Drupal-powered website? You may want to get patching now...

Open-source CMS gets a pair of critical fixes

Security18 Jan 2019 | 8

Intel's Software Guard caught asleep at its post: Patch out now for SGX give-me-admin hole

Chipzilla adds to Windows IT admins security update load

Security14 Jan 2019 | 2