SEARCH
Archive
CISA Orders Agencies to Patch Zerologon Flaw
Federal agencies have until the end of Monday to install fixes for a recently-fixed elevation of privilege vulnerability in Windows which could be used to take control of the entire network, CISA said in an emergency directive.
Wormable Flaw in Windows DNS Server Can Take Over IT Networks
DNS issues are bad news, and SigRed is among the worst: Microsoft fixes a flaw in Windows DNS Server which has a severity rating of 10 and is believed to be wormable.
Attackers Already Exploiting BIG-IP Vulnerability
A critical vulnerability in F5 Networks’ BIG-IP networking gear is under active attack, just days after the company first announced the flaw.
Give IT a Break from Software Updates
Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.
Microsoft Patches Flaw in Windows Cryptography Component
Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.