Home Tags Zero-day

Tag: zero-day

Microsoft Has Google to Thank for Finding Major Zero Day Vulnerability

NEWS ANALYSIS: New vulnerability allows malware to subvert the operations of Microsoft’s security software on most current systems.

Microsoft Plugs Three Zero Day Holes as Part of May Patch...

Microsoft patched three zero day vulnerabilities actively under attack today as part of its May Patch Tuesday release.

Emergency Update Patches Zero Day in Microsoft Malware Protection Engine

Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows.

Wormable Windows Zero Day Reported to Microsoft

Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory.

Unpatched WordPress Password Reset Vulnerability Lingers

A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user's password and in turn, gain access to their account.

‘High Risk’ Zero Day Leaves 200,000 Magento Merchants Vulnerable

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.

Office Zero Day Delivering FINSPY Spyware to Victims in Russia

Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware.

Baseband Zero Day Exposes Millions of Mobile Phones to Attack

A previously undisclosed baseband vulnerability impacting Huawei smartphones, laptop WWAN modules and IoT components was revealed Thursday at the Infiltrate Conference

Threatpost News Wrap, March 31, 2017

This year's Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling.

New research reveals that 30 percent of malware attacks are zero...

WatchGuard Launches New Quarterly Internet Security Report30 March 2017: Thirty percent of malware can be classified as new or zero-day because it cannot be caught by legacy antivirus solutions, according to research published today in WatchGuard’s first Quarterly Internet Security Report, which explores the latest computer and network security threats affecting SMBs and distributed enterprises.

The results from Q4 2016, confirm that cyber criminals’ capability to automatically repack or morph their malware has outpaced the... Source: RealWire

Publicly Attacked Microsoft IIS Zero Day Unlikely to be Patched

Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0.

The zero-day has been under attack since last July, the researchers said.