To address recently revealed SQLite and WebKit security vulnerability, Apple this week released updates for iTunes and iCloud for Windows applications. iTunes for Windows 12.9.5 was issued with patches for as many as 25 flaws. Of these, four affect SQLite, while the residual 21 were addressed in WebKit. The SQLite Continue Reading
SandboxEscaper, the security researcher who posted a claimed 0-day Windows 10 flaw on GitHub on Tuesday, has now posted the residual four exploits that she said she owned. This is not the first time that SandboxEscaper has openly revealed Windows 0-days. The four new exploits are known as AngryPolarBearBug2, SandboxEscape, InstallerBypass and CVE-2019-0841-BYPASS. All Continue Reading
Just a week after Microsoft’s monthly cycle of security updates, Exploit developer SandboxEscaper has silently released a new zero-day exploit for the Windows operating system. This exploit, the fifth in a string that began in late August last year, attains local privilege appreciation, yielding a limited user full control over files earmarked for Continue Reading
A memory corruption flaw lately discovered in Linux Kernel’s execution of RDS over TCP could result in privilege escalation. The vulnerability, tracked as CVE-2019-11815 and including a CVSS base score of 8.1, affects Linux kernels before 5.0.8, but only systems that use the Reliable Datagram Sockets (RDS) for the TCP module. A Continue Reading
A major new set of flaws in almost all post-2011 Intel chips that could enable side-channel attacks targeting crucial information has been discovered. Reported in January 2018, ZombieLoad is reminiscent of Spectre and Meltdown viruses because it impacts desktop and laptop machines as well as cloud servers. Like them, it exploits Continue Reading
By