< ciso
brief />
Security Advisory and Patch Watch Banner

All news in category “Security Advisory and Patch Watch

2062 articles · page 47 of 104

Siemens SINEC NMS and UMC DLL Load Vulnerabilities

⚠️ Siemens has published fixes for two local privilege escalation vulnerabilities affecting SINEC NMS and the User Management Component (UMC). A low-privileged user could modify configuration files to force the application to load malicious DLLs, potentially enabling arbitrary code execution with elevated (including SYSTEM) privileges. The issues are tracked as CVE-2026-25655 and CVE-2026-25656 (CWE-427) with a CVSS v3.1 base score of 7.8. Administrators should apply SINEC NMS V4.0 SP2 and UMC V2.15.2.1 or later as provided by Siemens ProductCERT.
read more →

Siemens Desigo CC and SENTRON Powermanager CodeMeter Flaw

🔒 Siemens reports a heap-based buffer overflow in the WIBU CodeMeter Runtime used by Desigo CC and SENTRON Powermanager products. The flaw (CVE-2023-38545) occurs during the SOCKS5 proxy handshake when curl mishandles hostnames longer than 255 bytes and can enable code execution in the context of the affected process. Siemens provides instructions to update the CodeMeter Runtime component and advises upgrading affected systems to V8.0 QU2 or later; follow the vendor's patching guidance promptly.
read more →

Siemens NX CGM File Parsing Vulnerabilities — Update

⚠️ Siemens NX contains multiple file-parsing vulnerabilities in its handling of CGM files that can cause application crashes or enable arbitrary code execution when a malicious file is opened. Siemens has released fixes and advises updating to V2512 or later. Do not open untrusted CGM files and apply vendor updates promptly. Follow CISA guidance on network isolation and secure remote access.
read more →

Polarion XSS Vulnerability: Siemens Issues Fix Advisory

⚠ Siemens has disclosed a stored cross-site scripting (XSS) vulnerability in Polarion V2404 and V2410 that permits authenticated remote attackers to inject JavaScript into document titles, which can execute in other users' sessions. The flaw is tracked as CVE-2025-40587 and has a CVSS v3.1 base score of 7.6 (High). Siemens advises updating to Polarion V2404.5 or later and V2410.2 or later to remediate the issue. Administrators should prioritize patching, reduce network exposure, and follow Siemens' industrial security guidance.
read more →

Amazon RDS Adds SQL Server 2022 Cumulative Update CU23

🔄 Amazon Relational Database Service now supports the latest Cumulative Update, CU23 (KB5078297), for SQL Server 2022 on Amazon RDS for SQL Server. We recommend that customers upgrade affected RDS instances to apply this update to obtain fixes and improvements. You can perform the upgrade through the Amazon RDS Management Console or programmatically using the AWS SDK or CLI, and consult the Amazon RDS SQL Server User Guide for detailed upgrade instructions.
read more →

83% of Ivanti EPMM Exploits Traced to Single IP Address

🔍 GreyNoise attributes 83% of exploitation attempts against Ivanti Endpoint Manager Mobile (EPMM) to a single IP hosted on PROSPERO bulletproof infrastructure. Between Feb 1–9, 2026 it recorded 417 sessions from eight source IPs, with 346 sessions from 193.24.123[.]42. Activity targeted CVE-2026-1281 (CVSS 9.8), showed automated tooling patterns and DNS OAST callbacks, and involved rotation through 300+ user-agent strings. Defused Cyber also reported a dormant "/mifs/403.jsp" sleeper shell deployed to some EPMM instances.
read more →

Apple Patches Exploited dyld Zero-Day Across Devices

🔒 Apple released updates for iOS, iPadOS, macOS Tahoe, tvOS, watchOS and visionOS to fix an actively exploited zero-day, tracked as CVE-2026-20700, a memory corruption flaw in dyld that can permit arbitrary code execution when an attacker has memory write capability. Google Threat Analysis Group (TAG) is credited with reporting the issue. Apple said the bug may have been used in extremely sophisticated targeted attacks and also issued related fixes for CVE-2025-14174 and CVE-2025-43529. Patches are available for supported recent devices and additional updates address vulnerabilities in older OS releases.
read more →

Apple fixes dyld zero-day used in targeted attacks

🔒 Apple issued security updates to fix a zero-day in dyld (CVE-2026-20700) that was exploited in an extremely sophisticated targeted attack against specific individuals. Apple warns an attacker with memory write capability may be able to execute arbitrary code on affected devices. Patches are available in iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3 and visionOS 26.3; users and administrators should install them immediately to reduce risk.
read more →

Windows 11 Notepad flaw let Markdown links run code

🔒Microsoft fixed a remote code execution vulnerability in Windows 11 Notepad that allowed specially crafted Markdown links to launch local or remote programs without triggering Windows security dialogs. Tracked as CVE-2026-20841, the issue originated from Notepad's Markdown rendering treating certain file- and protocol-based links as clickable and unverified. Microsoft patched the flaw in the February 2026 Patch Tuesday updates and is distributing the Notepad update via the Microsoft Store; Notepad now displays a warning for non-http(s) links, though attackers could still try to social-engineer users into accepting prompts.
read more →

Over 60 Vendors Issue Security Patches Across Platforms

🔒 It's Patch Tuesday: more than 60 software vendors released security updates addressing flaws across OS, cloud, and networking platforms. Microsoft fixed 59 vulnerabilities, including six actively exploited zero-days that can bypass protections, escalate privileges, or cause DoS. SAP patched two critical bugs — a SQL injection in CRM/S/4HANA (CVE-2026-0488, CVSS 9.9) and a missing authorization in NetWeaver ABAP (CVE-2026-0509, CVSS 9.6) — which may require kernel updates and role or UCON adjustments. Intel and Google also disclosed five TDX 1.5 vulnerabilities and numerous improvement suggestions; Adobe released multiple product updates with no known in-the-wild exploits reported.
read more →

Microsoft Patches 59 Flaws, Six Actively Exploited

🔒 Microsoft released security updates fixing 59 vulnerabilities across Windows and related products, including six flaws Microsoft says are being actively exploited. The update includes five Critical, 52 Important and two Moderate fixes, addressing privilege escalation, remote code execution, spoofing and information disclosure. Microsoft and external researchers reported several actively exploited CVEs; CISA has added them to its KEV catalog with a March 3, 2026 remediation deadline for federal agencies.
read more →

Microsoft patches six actively exploited zero-days

🔒 Microsoft released updates to fix six actively exploited zero-day vulnerabilities, three of which have been publicly disclosed. The issues include security feature bypasses in Windows Shell, MSHTML and Word, plus elevation-of-privilege and denial-of-service flaws affecting DWM, Remote Access Connection Manager and Remote Desktop Services. None are rated critical and only five of 58 patches this month were classed as critical. Administrators should prioritise applying updates and monitoring for exploitation.
read more →

February 2026 Patch Tuesday: Six Exploited Microsoft Bugs

🔒 Microsoft’s February 2026 Patch Tuesday delivers 60 fixes, including six vulnerabilities the vendor says are actively exploited. Three are security feature bypass flaws in Windows Shell, MSHTML and Office OLE mitigations; two permit local elevation to System, and one enables local denial-of-service. Experts note patches are straightforward and require no post-patch configuration, but prioritization of the bypasses and cloud-related issues is urgent.
read more →

Microsoft Patch Tuesday — February 2026 Security Update

🔔 Microsoft released its February 2026 security updates addressing 59 vulnerabilities across Windows and cloud products, including two Critical issues in ACI Confidential Containers. Several vulnerabilities are reported as actively exploited and others have been publicly disclosed, impacting components such as Windows Shell, MSHTML, Office, Azure, Hyper-V, and GitHub Copilot. Talos is publishing a new Snort ruleset to detect exploitation attempts; administrators should apply Microsoft patches and update intrusion detection signatures promptly.
read more →

BeyondTrust patches critical unauthenticated RCE flaw

🔒 BeyondTrust has released emergency patches to address a critical unauthenticated remote code execution vulnerability in self-hosted instances of Remote Support and Privileged Remote Access. Tracked as CVE-2026-1731 and discovered in January by Hacktron AI, the flaw is rated 9.9/10. BeyondTrust published Patch BT26-02-RS for RS 21.3–25.3.1 and Patch BT26-02-PRA for PRA 22.1–24.x; PRA 25.1+ are not affected and SaaS tenants were patched server-side. Around 11,000 RS instances are internet-exposed, roughly 8,500 of which are on-premises and need immediate patching.
read more →

Patch Tuesday: February 2026 — Six Zero-Day Fixes Security

🔒 Microsoft released February 2026 Patch Tuesday updates addressing more than 50 vulnerabilities, including six actively exploited zero-days. Patches cover security feature bypasses in Windows Shell, MSHTML and Word, elevation-of-privilege flaws in Remote Desktop Services and Desktop Window Manager, and a denial-of-service risk in the Remote Access Connection Manager. Administrators and developers are urged to prioritize testing and deployment, maintain recent backups, and apply least-privilege controls to limit exposure, particularly for AI-assisted development workflows.
read more →

Microsoft releases Windows 10 KB5075912 ESU update

🔒 Microsoft released the Windows 10 KB5075912 extended security update for ESU-enrolled systems and Enterprise LTSC installations to address February 2026 Patch Tuesday fixes, including six actively exploited zero-day vulnerabilities. After installation, affected systems are updated to build 19045.6937 (or 19044.6937 for LTSC 2021). The update also continues a phased rollout of replacement Secure Boot certificates and resolves a Secure Launch-related shutdown/hibernation issue.
read more →

Microsoft February 2026 Patch Tuesday: 6 Zero-Days Fixed

🔒 Microsoft released its February 2026 Patch Tuesday security update addressing 58 flaws, including six actively exploited zero-days and three that were publicly disclosed. The release fixes five Critical bugs and numerous elevation-of-privilege, remote code execution, and information disclosure issues across Windows and Office components. Microsoft also began a phased rollout of updated Secure Boot certificates to replace expiring 2011 certificates and has integrated built-in Sysmon functionality into Windows 11 insider builds.
read more →

Windows 11 KB5077181 and KB5075941 February 2026 Updates

🔒 Microsoft released Windows 11 cumulative updates KB5077181 (for 25H2/24H2) and KB5075941 (for 23H2) delivering the February 2026 Patch Tuesday security fixes, bug fixes, and feature improvements. The updates move systems to 26200.7840 (25H2), 26100.7840 (24H2), and 226x1.6050 (23H2). Notable additions include Cross‑Device Resume expansion, an inbox Windows MIDI Services implementation, enhanced Windows Hello peripheral fingerprint support, and a user toggle for Smart App Control. Install via Settings > Windows Update or download from the Microsoft Update Catalog.
read more →

Microsoft updates Secure Boot certs before June 2026

🔐 Microsoft has begun rolling out updated Secure Boot certificates through regular monthly Windows updates to replace the original 2011 certificates that will expire in late June 2026. The automatic refresh targets devices with Microsoft-managed updates; many PCs shipped since 2024 and most built in 2025 already include the new certificates. Some systems may still require separate OEM firmware updates before the new certs can be installed. Administrators can also deploy the new certificates via registry keys, Group Policy, or the Windows Configuration System to ensure Windows Boot Manager and Secure Boot protections remain in place.
read more →