Oddbean new post about | logout
zCat | 9 days ago (raw) | export | reply | flag 
 Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws

Today is Microsoft's November 2024 Patch Tuesday, which includes security updates for 91 flaws, including four zero-days, two of which are actively exploited.

This Patch Tuesday fixed four critical vulnerabilities, which include two remote code execution and two elevation of privileges flaws.

See more
Bleeping Computer: https://www.bleepingcomputer.com/news/microsoft/microsoft-november-2024-patch-tuesday-fixes-4-zero-days-91-flaws/

SecurityWeek:
https://www.securityweek.com/microsoft-confirms-zero-day-exploitation-of-task-scheduler-flaw/

The Hackers News:
https://thehackernews.com/2024/11/microsoft-fixes-90-new-vulnerabilities.html

#cybersecurity #zeroday
zCat | 1 days ago (raw) | root | parent | reply | flag 
 Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack

A critical vulnerability in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft addressed this issue in last week’s Patch Tuesday updates. Ensure these patches are installed to protect your systems.


Microsoft has released a patch for a critical vulnerability in Microsoft Kerberos, a widely used authentication protocol for verifying host or user identities. This flaw, allows attackers to send crafted requests to vulnerable systems to gain unauthorised access and remote code execution (RCE).

See more: https://hackread.com/windows-kerberos-flaw-millions-of-servers-attack/

#cybersecurity #kerberos

nostr:nevent1qqsxntukyxgltucqkcmspgtztzx7f3vgads35ujytvf2zvywxhgxwqqppemhxue69uhkummn9ekx7mp0qgspdlfx7qq9fanp28rt67f9ahh5zkrpqwh3n4z9lylkda0zfv6yy7srqsqqqqqp0rkhy7