Data race in audio in Google Chrome before 89.0.4389.72 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
debian debian linux 10.0 |
100+ dissidents, politicians, journos targeted by Israeli espionage toolkit
Analysis Software patches from Microsoft this week closed two vulnerabilities exploited by spyware said to have been sold to governments by Israeli developer Candiru. On Thursday, Citizen Lab released a report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft, exploited at least a pair of zero-day holes in Windows to infect particular targets' machines. Redmond said at least 100 peop...
Plus: Chrome also patched, Microsoft and Intel team up for homomorphic encryption, and more The torture garden of Microsoft Exchange: Grant us the serenity to accept what they cannot EOL
In brief Apple on Monday released security patches for macOS, iOS, iPadOS, watchOS, and Safari to fix up a vulnerability that can be exploited by malicious web pages to run malware on victims' computers and gadgets. Thus surfing to a dodgy page could be enough to hand over control of your iThing or Mac to miscreants. Apple thanks Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research for reporting the arbitrary code execution security ...