Microsoft Patches Zero-Day Browser Bug Under Active Attack
In its February Patch Tuesday bulletin Microsoft patches four public bugs and one that under active attack.
Edge
Zero-Day Bug Fixed by Microsoft in December Patch Tuesday
Microsoft patches nine critical bugs as part of December Patch Tuesday roundup.
Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw
A flaw in Safari – that allows an attacker to spoof websites and trick victims into handing over their credentials – has yet to be patched.
Microsoft’s April Patch Tuesday release includes fixes for 66 bugs, 24 of which are rated critical.
A popular porn site is used by KovCoreG Group to launch multiple malvertising campaigns exposing millions to fake browser updates and malware.
Microsoft releases a total of 57 security patches, part of its July Patch Tuesday, with 20 rated critical.
Microsoft said Wednesday it would extend its Edge bug bounty program indefinitely.
Yesterday’s Patch Tuesday release also included an update to Microsoft’s Internet Explorer and Edge browsers officially ending support for the SHA-1 hash function.
Mike Mimoso and Chris Brook discuss the news of the week, including Pwn2Own 2017, Microsoft’s silence around February’s Patch Tuesday, and a nasty SAP bug.
The news of the week is discussed, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize.
