by klinesa | Jun 1, 2022 | Cybersecurity
A vulnerability in the Microsoft Support Diagnostic Tool (MSDT) could allow remote command execution on Windows systems. This vulnerability, nicknamed “Follina”, occurs when MSDT is called via a URL from an application such as Word, and is being actively exploited in...
by klinesa | May 12, 2022 | Cybersecurity
This month, Microsoft released security updates for 74 vulnerabilities and risk exposures, including seven rated critical, and one identified as “zero day”. Guidance for the most critical updates is highlighted below: VulnerabilityAffected ProductsCVEsWindows LSA...
by Quinn Hopkins | Apr 18, 2022 | Cybersecurity
A robust cybersecurity posture does not come easy, especially with a large enterprise. The relationship between the organization’s business management and its IT Security management often do not align perfectly for both teams to value the same priorities of the...
by klinesa | Apr 14, 2022 | Cybersecurity
This month, Microsoft released security updates for 128 vulnerabilities and risk exposures, including 10 rated critical, and two identified as “zero day”. Guidance for the most critical updates is highlighted below: VulnerabilityAffected ProductsCVEsRemote Procedure...
by klinesa | Apr 4, 2022 | Cybersecurity
Spring by VMware has released fixes for a critical vulnerability in Spring Framework, a widely used Java library. The vulnerability (CVE-2022-22965) could allow remote code execution via data binding when applications use the Spring Framework with JDK 9 or higher. It...
by klinesa | Mar 10, 2022 | Cybersecurity
This month, Microsoft released security updates for 71 vulnerabilities and risk exposures, including two rated critical. Guidance for the most critical updates is highlighted below: VulnerabilityAffected ProductsCVEsHEVC Video Extensions Remote Code ExecutionHEVC...
