bug

A particularly embarrassing bug makes it easy to send emails that appear to be from Microsoft employees. It's bad news for the public as it could make phishing scams appear more credible. The good news is that it only works if the recipient is using ... Outlook, though "good" is a comparative term because there are over 400 million Outlook users worldwide. (Source: cyberdaily.au ) Users Asked to Remain Vigilant Exactly how the bug works and where its found still isn't known, as the security researcher says they do not want to give details that could help potential attackers exploit the bug on a ... (view more)

This month's Microsoft "Patch Tuesday" update includes a fix for a major threat in Outlook. The bug means simply opening an email can trigger the attack. The update should have been applied to most systems by now, but some users may have shut off ... Windows Update, in which case it is recommended to re-enable and patch immediately. The threat, discovered by security company Morphisec, is a remote code execution vulnerability. That's particularly nasty as it gives an attacker the ability to remotely operate on the victim's computer. They could then spread malware, install ransomware or attempt to ... (view more)

The latest Windows update fixes a nasty bug that could put users at risk when connected to public WiFi. An attacker could exploit it simply by using the same network. The bug, with the reference number CVE-2024-30078, is rated as "important" by ... Microsoft. That rating takes into account both how easy it is to exploit and how much damage it would do. (Source: microsoft.com ) The problem is with WiFi drivers, used to make Windows work with the hardware in a computer (usually a laptop) to connect to a wireless network. It would allow hackers to take advantage of the way Internet data is broken up ... (view more)

A Windows bug patched last month had been exploited for six months by hackers linked to North Korea. Microsoft reportedly knew about it and the delay in fixing it may have been down to internal bureaucracy. Security company Avast found the bug last ... August and reported it to Microsoft. At the time it was already a zero-day bug , meaning there was evidence hackers not only knew about the bug but where taking advantage of it. That meant Microsoft had "zero days" head start in coming up with a fix and rolling it out before hackers exploited it. Microsoft released a fix in the February "Patch ... (view more)

Microsoft has fixed two bugs which bypassed Windows security measures. Both were actively exploited before the fix, making it vital to install the updates. The fixes come in this month's "Patch Tuesday" update, the main monthly security update that ... Microsoft officially calls the "B update". It should download and install without further action for anyone with automatic updates switched on, but may need a reboot to complete. Both bugs affect most supported versions of Windows, including 10, 11 and Windows Server. Microsoft rates the two bugs as "important" and "moderate" respectively, though ... (view more)

Google has fixed an unusual bug that mistakenly implied trusted contacts might be spammers. It asked users to make a decision about future filtering but took no notice of the reply. The good news is that the fix removes the unwanted messages and the ... filtering now appears to be working as intended. The bug involves the way Google will occasionally highlight a message sender as a potential source of unwanted emails. Users can then click one button to block all future messages from the sender. Once the bug took effect, many more users than usual started seeing the message, which read: "Do ... (view more)

Apple has released a patch for a potentially serious iPhone bug. It's worth double-checking the patch was installed automatically and forcing it to do so if it has not. The fix comes in version 15.0.2 of iOS and patches an actively exploited ... zero-day bug. That means attackers not only know about the security hole but were already using it before Apple could release a fix. In other words, Apple had a "zero days" head start in the battle between patching and hacking. The bug involves memory corruption and means a correctly-targeted attack could allow malware to access parts of the memory that ... (view more)

Apple has warned users to check their portable devices to ensure they are up to date. A bug that affects iPhones, iPads and Apple Watches may already be under attack by hackers. The bug affects WebKit, which is the underlying software for Safari and ... any other web browsers which use Apple's operating system iOS. Specifically, it covers the way web content appears and the way browsers keep track of which sites a user has recently visited, allowing features such as the browser back button to work properly. Apple isn't giving many details of exactly how the bug works or could be exploited, which ... (view more)

A single character from ancient English could crash a Windows 10 PC, thanks to an odd security glitch. It's been patched in the most recent Windows updates, making it an important fix for those who download updates manually. The bug appears to work ... in most major browsers and involves the Æ symbol. If that isn't clear on your device, it's the symbol that looks like a capital A in italics squashed into a capital E. The symbol, sometimes called "ash" in English, has been used to designate specific sounds in several language over the past few thousand years. In old English it was a sound ...<a href="/news/10902/single-character-could-crash-windows-pc" class="more-link">view more

If you use Chrome, you need to make sure it's up to date. The browser has been hit by a dreaded zero-day flaw . In this case, hackers are aware of the bug and are actively exploiting it before Google has a chance to issue a security patch. The name ... comes from the fact that Google has "zero days" head start in getting the patches out. Google confirmed that it "is aware of reports that an exploit for CVE-2021-21166 [the bug in question] exists in the wild." (Source: googleblog.com ) High Severity Flaw The security flaw is rated as "high severity" on Google's rankings of how much ... (view more)