Security Alerts & News
by Tymoteusz A. Góral

History
#1458 Microsoft patches 47 vulnerabilities with September Patch Tuesday
Microsoft patched 47 vulnerabilities as part of 14 security bulletins, seven critical, with its monthly Patch Tuesday updates today.

The company is warning users that if left unpatched, 10 of the issues can lead to remote execution.

The updates resolve issues in Microsoft Windows, Office, Office Service and Web Apps, Exchange, its Internet Explorer and Edge browsers and Adobe Flash Player.

Among the bugs fixed on Tuesday is a 10-year-old vulnerability, CVE-2016-0137, that existed in Detours, Microsoft Office’s hooking engine. The bug, disclosed over the summer and discussed in depth at Black Hat, affected a handful antivirus platforms that use code hooking. The vulnerability allowed hackers to bypass exploit mitigations present in Windows and those third party applications. Researchers at enSilo, who unearthed the bug, disclosed it to Microsoft nine months ago, prior to Black Hat. At the time the researchers warned that hundreds of thousands of users could be affected by the vulnerability.
Read more
#1460 Hackers found 47 new vulnerabilities in 23 IoT devices at DEF CON
#1459 iOS 10 security updates move to HTTPS
#1458 Microsoft patches 47 vulnerabilities with September Patch Tuesday
#1457 UK: Government data security slammed in new report
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12