Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.
With this month's Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are actively exploited in the wild.
In today's Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a cyber-espionage campaign targeting NATO, the European Union, Ukrainian and Polish government organizations, and European companies in the telecommunications and energy sectors.
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with Man-in-the-Middle attacks.
In a eclectic keynote delivered to the Black Hat conference audience, Dan Geer, CISO at In-Q-Tel, made known his thoughts on and ideas about a number of things: from Internet voting to vulnerability finding, from net neutrality to the right to be forgotten.