HP-PC’s – Vulnerability in Touchpoint Analytics

The software HP Touchpoint Analytics, which is preinstalled on many HP computers with Windows, uses the open-source hardware analysis library Open Hardware Monitor. A vulnerability discovered there (CVE-2019-6333) can be used by attackers who already have access to a system to gain system privileges and execute malicious code. HP has…

Firefox – New versions increase security

The a few days ago published Firefox version 69 contains numerous innovations in addition to a number of important vulnerability fixes. The same applies to the new versions 60.9 and 68.1 of the ESR (Extended Support Relase) version of the browser – and to the (still) ESR 60.x based Tor…

New Specter Gap in Intel Processors on Windows

Just over a year and a half after the release of the Meltdown and Specter vulnerabilities, which enabled novel side channel attacks on a variety of processors from Intel and other vendors, new, related approaches have been discovered once again. The cleanup after the first discoveries still take. The research…

WordPress Plugin – Ad Inserter: Critical Vulnerability fixed

Ad Inserter, a plugin for managing and optimally placing ads on WordPress web pages, has until recently had a vulnerability that would allow authenticated attackers to remotely execute arbitrary code. The developer team of the security plugin WordFence has discovered the vulnerability and released a security notice. Accordingly, it affects…

Firefox 68 – Antivirus software bug will be fixed soon

Since the release of Firefox 65 in late January, many users on Windows systems have had connectivity issues resulting from conflicts between the Web browser and third-party antivirus software. The new Firefox version 68, whose release is scheduled for next Tuesday, July 9, 2019, is designed to address these issues.…

Chrome Add-On Evernote Web Clipper – Critical Vulnerability Fixed

In the Chrome version of the popular Evernote Web Clipper browser extension for easy online content storage, a bug in the code of all versions up to and including 7.11.1 allowed cross-site scripting (XSS) attacks to be performed across domains collect confidential user information. The research team of the security…

1 2 3 14