news

The software HP Touchpoint Analytics, which is preinstalled on many HP computers with Windows, uses the open-source hardware analysis library Open Hardware Monitor. A vulnerability discovered there (CVE-2019-6333) can be used by attackers who already have access to a system to gain system privileges and execute malicious code. HP has…

The a few days ago published Firefox version 69 contains numerous innovations in addition to a number of important vulnerability fixes. The same applies to the new versions 60.9 and 68.1 of the ESR (Extended Support Relase) version of the browser – and to the (still) ESR 60.x based Tor…

Just over a year and a half after the release of the Meltdown and Specter vulnerabilities, which enabled novel side channel attacks on a variety of processors from Intel and other vendors, new, related approaches have been discovered once again. The cleanup after the first discoveries still take. The research…

Ad Inserter, a plugin for managing and optimally placing ads on WordPress web pages, has until recently had a vulnerability that would allow authenticated attackers to remotely execute arbitrary code. The developer team of the security plugin WordFence has discovered the vulnerability and released a security notice. Accordingly, it affects…

Since the release of Firefox 65 in late January, many users on Windows systems have had connectivity issues resulting from conflicts between the Web browser and third-party antivirus software. The new Firefox version 68, whose release is scheduled for next Tuesday, July 9, 2019, is designed to address these issues.…

In the Chrome version of the popular Evernote Web Clipper browser extension for easy online content storage, a bug in the code of all versions up to and including 7.11.1 allowed cross-site scripting (XSS) attacks to be performed across domains collect confidential user information. The research team of the security…