< ciso
brief />
Tag Banner

All news with #patch release tag

439 articles · page 8 of 22

Google patches fourth Chrome zero-day this year in 2026

🛡️ Google has patched a fourth zero-day in Chrome this year, addressing CVE-2026-5281 in Dawn, the browser's WebGPU implementation, which allowed remote code execution via a crafted HTML page when the renderer process was compromised. The company confirmed an exploit exists in the wild and urges users to update to Chrome 146.0.7680.178 or newer. This fix follows earlier 2026 patches for CSS memory handling, the Skia graphics library, and the V8 JavaScript engine.
read more →

Apple Extends iOS 18 Security Patches for DarkSword

🔒 Apple has widened rollout of iOS 18.7.7 and iPadOS 18.7.7 to more devices, enabling users who remain on iOS 18 to receive critical fixes without upgrading to iOS 26. The broadened distribution, announced on April 1, addresses vulnerabilities exploited by the DarkSword exploit kit in web-based watering‑hole attacks. Devices with automatic updates will be patched automatically; others can update manually. Researchers warn the toolkit has been linked to multiple threat actors and to payloads such as GhostBlade, GhostKnife and GhostSaber, and that a public leak raises the risk of wider abuse.
read more →

Critical Cisco IMC auth bypass gives attackers Admin access

🔒 Cisco has released patches for a critical Integrated Management Controller (IMC) authentication bypass (CVE-2026-20093) that allows unauthenticated, remote attackers to gain Admin privileges by sending a crafted HTTP password-change request. The flaw affects CIMC on UCS C-Series and E-Series servers and permits altering any account password, including Admin. Cisco's PSIRT reports no known in-the-wild exploitation or public proof-of-concept yet and stresses there are no workarounds, so customers should upgrade to fixed software immediately.
read more →

14,000+ F5 BIG-IP APM Instances Exposed to RCE Attacks

⚠️ Shadowserver reports over 14,000 Internet-exposed BIG-IP APM instances remain vulnerable to CVE-2025-53521 after the flaw was reclassified from DoS to remote code execution. F5 confirmed the reclassification and warned that attackers are exploiting unpatched systems with access policies on virtual servers. F5 and CISA have published IOCs and mitigation guidance, and F5 recommends rebuilding compromised devices from known-good sources.
read more →

Apple Expands iOS 18.7.7 Availability to More Devices

🔒Apple expanded iOS 18.7.7 and iPadOS 18.7.7 availability on April 1, 2026, to protect a broader range of devices from the web-based exploit kit DarkSword. The release now covers many iPhone models from XR through the 16 series and multiple iPad mini, Air and Pro configurations, including devices capable of running iOS 26 but still on older releases. The backported fixes let users with Automatic Updates receive protections without upgrading to iOS 26; users without auto-update can choose the patched iOS 18 build or move to iOS 26. Apple also began issuing Lock Screen alerts to urge installations of the security patches.
read more →

Apple Widens iOS 18 Patch Support to Block DarkSword

🔒 Apple has expanded availability of iOS 18.7.7 to a broader set of iPhones and iPads to ensure devices remaining on iOS 18 receive protections against the actively exploited DarkSword exploit kit. The update delivers fixes for multiple vulnerabilities first mitigated in 2025 and addresses additional CVEs disclosed through 2026. Users with Automatic Updates enabled on eligible devices will receive these protections automatically. Researchers observed deployment of information-stealing and backdoor malware families including GhostBlade, GhostKnife, and GhostSaber in attacks exploiting these flaws.
read more →

Emergency Windows 11 KB5086672 Fixes Install Failures

🛠️ Microsoft released an out-of-band update, KB5086672, to replace the broken March preview KB5079391 and address installation failures that produced Error 0x80073712 on Windows 11 24H2 and 25H2 systems. The cumulative OOB update supersedes prior March protections and improvements and may be offered automatically to devices with "Get the latest updates" enabled. If that setting is off, install via Settings > Windows Update > Download & install.
read more →

Windows 11 KB5079391 Preview Adds Smart App Control

🛡️ Microsoft released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, delivering 29 non-security changes and optional fixes. The update lets administrators and users toggle Smart App Control on or off without reinstalling the OS via Settings > Windows Security > App & Browser Control. It also introduces display reliability enhancements, including support for monitors reporting refresh rates above 1000 Hz, native USB4 monitor connections, and improved HDR behavior. Installers can apply the preview via Windows Update or the Microsoft Update Catalog; installation is optional unless automatic preview updates are enabled.
read more →

TP-Link patches critical Archer NX router auth bypass

🔒 TP-Link released firmware updates for its Archer NX200, NX210, NX500, and NX600 routers to fix multiple vulnerabilities, including a critical authentication bypass that can permit unauthenticated firmware uploads via certain HTTP CGI endpoints. The vendor additionally removed a hardcoded cryptographic key and patched two command injection flaws that require administrative access. TP-Link warned customers to install the latest firmware immediately to block potential attacks. Failure to update may leave devices susceptible to takeover or configuration manipulation.
read more →

CISA Orders US Agencies to Patch Critical Cisco FMC Flaw

🔒 CISA has directed all federal civilian agencies to urgently patch a critical remote code execution vulnerability in Cisco Secure Firewall Management Center (FMC) — tracked as CVE-2026-20131 with a CVSS score of 10. Cisco released a fix on 4 March after reports that the Interlock ransomware group had been exploiting the flaw as a zero day. Agencies were given just three days after KEV listing to patch or discontinue use due to active ransomware campaigns.
read more →

CISA Orders Federal Patch for DarkSword iOS Flaws Now

🔒 CISA ordered U.S. federal agencies to patch three iOS vulnerabilities exploited by the DarkSword exploit kit, imposing a two-week deadline under BOD 22-01. Apple has released fixes and the flaws now only affect iPhones running iOS 18.4 through 18.7. Researchers linked DarkSword to multiple threat groups and to data-stealing malware families including GhostBlade, GhostKnife, and GhostSaber.
read more →

Microsoft issues KB5085516 to fix account sign-in bug

🔧 Microsoft released an out-of-band update, KB5085516, to fix a sign-in failure that prevented Microsoft account authentication in multiple apps after the March cumulative update KB5079473. Affected apps included Microsoft Edge, Teams, OneDrive, Microsoft 365 Copilot and Office apps, which reported the device was not connected to the Internet. The optional fix is available for Windows 11 25H2 and 24H2 via Windows Update or the Microsoft Update Catalog, and Microsoft recommends installing the latest updates.
read more →

Oracle patches critical RCE in Identity and Web Services

🔒 Oracle has released fixes for a critical pre-authentication remote code execution flaw, CVE-2026-21992, affecting Oracle Identity Manager and Oracle Web Services Manager. The issue carries a CVSS score of 9.8 and is described by NVD as "easily exploitable" over HTTP by unauthenticated attackers. Oracle says the flaw can enable full takeover of vulnerable instances and urges customers to apply updates immediately.
read more →

KEV: CISA Lists Apple, Craft CMS and Laravel Flaws

⚠️ CISA has added five actively exploited vulnerabilities affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog and ordered federal agencies to patch them by April 3, 2026. The flaws include high‑severity memory corruption bugs in Apple WebKit and kernel components and critical code injection issues in Craft and Laravel that were fixed in 2025. Security researchers have observed exploitation linked to the DarkSword iOS exploit kit and campaigns attributed to MuddyWater.
read more →

KB5079473: March Windows 11 Update Breaks Sign-Ins

🛠️ Microsoft says the March Windows 11 cumulative update KB5079473 causes Microsoft account sign-in failures across multiple apps, including Teams, OneDrive, Edge, Excel, Word and Microsoft 365 Copilot. Affected apps display an erroneous message indicating the device is offline even when connected. Microsoft recommends restarting affected devices while they remain online as a temporary workaround while it works on a fix. Business sign-ins using Entra ID are not impacted.
read more →

Schneider Electric Modicon M241/M251/M262 DoS Vulnerability

⚠️ Schneider Electric disclosed a CWE-404 Improper Resource Shutdown or Release vulnerability (CVE-2025-13901) affecting Modicon M241, M251, and M262 controllers that can cause a partial denial-of-service of the Machine Expert protocol when an unauthenticated actor sends a crafted payload. The issue is rated CVSS v3.1 5.3 (Medium). Vendor firmware updates (M241/M251: 5.4.13.12; M262: 5.4.10.12) are available. Until updates are applied, isolate controllers, restrict network access, and use encrypted remote connections.
read more →

EcoStruxure Automation Expert: Vulnerability and Patch

⚠️Schneider Electric has disclosed a vulnerability in EcoStruxure Automation Expert (CVE-2026-2273), a CWE-94 code injection flaw that can execute arbitrary commands on an engineering workstation when an authenticated user opens a malicious project file. The issue affects versions prior to v25.0.1 and carries a CVSS v3.1 base score of 8.2 (High). Schneider fixed the vulnerability in v25.0.1; administrators should apply the vendor update promptly or implement recommended mitigations — including restrictive file permissions, storing project files in user home directories, and verifying file authenticity — to reduce the risk of workstation and broader system compromise.
read more →

Schneider Electric PME/EPO Deserialization Vulnerability

⚠️ Schneider Electric disclosed a deserialization-of-untrusted-data vulnerability affecting EcoStruxure Power Monitoring Expert (PME) and the Advanced Reporting and Dashboards module for EcoStruxure Power Operation (EPO). A locally authenticated attacker can supply crafted data to trigger unsafe deserialization and achieve arbitrary code execution with administrative privileges. Schneider has released hotfixes and recommends upgrading to PME 2024 R3; contact Customer Care to obtain fixes. Hotfixes for supported branches report no reboot required.
read more →

Ubuntu CVE-2026-3888: snap-confine Privilege Escalation

⚠️ A high-severity vulnerability tracked as CVE-2026-3888 affects default Ubuntu Desktop installations starting with 24.04, allowing an unprivileged local attacker to escalate to root by abusing the interaction between snap-confine and systemd-tmpfiles. The exploit relies on a timing window (roughly 10–30 days) in which systemd-tmpfiles removes stale /tmp entries, enabling an attacker to recreate sandbox directories with malicious payloads that are later bind-mounted as root. Ubuntu and upstream snapd have released patches; administrators should upgrade snapd and follow vendor guidance to mitigate exposure.
read more →

Apple issues WebKit fix via Background Security Improvements

🔒 Apple has issued Background Security Improvements to address CVE-2026-20643, a cross-origin flaw in WebKit's Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content. Apple fixed the issue by improving input validation and shipped patches in iOS 26.3.1 (a), iPadOS 26.3.1 (a), macOS 26.3.1 (a), and macOS 26.3.2 (a). Researcher Thomas Espach is credited with the report. Users should keep Automatically Install enabled in Settings > Privacy and Security to receive these lightweight fixes promptly.
read more →