Zero-Day Bugs Bug the Biggies

New-Spyware-Actively-Targets-Android-Users

 

One of the most serious risks to IT firms has been zero-day vulnerabilities. Several attackers have been seen exploiting new zero-day vulnerabilities in widely used commercial goods in recent days.

 

Apple has a handful of problems

Apple has issued emergency updates for two zero-day vulnerabilities in its iPhone, iPad, and Mac products.

The first problem is an out-of-bounds write vulnerability in AppleAVD, the audio/video decoding component, which has been assigned the number CVE-2022-22675.

The other weakness is an out-of-bounds read problem in the Intel Graphics Driver module, which has been assigned CVE-2022-22674. In the wild, both of these bugs are known to be exploited.

iOS 15.4.1, iPadOS 15.4.1, macOS Monterey 12.3.1, tvOS 15.4.1, and watchOS 8.5.1 have all been updated to solve these problems.

Bugs from Trend Micro

Trend Micro has patched a critical flaw in Apex Central, a centralised administration panel for Trend Micro products and services, that was being used in targeted assaults.

The CVE-2022-26871 issue affects both the SaaS and on-premises versions of the centralised administration console.

An attacker might use the flaw to upload and execute code from a remote location. At least one active effort at exploitation in the wild has been acknowledged by the corporation.

Patches for the SaaS version were issued in early March, and now Patch 3 (Build 6016) has been released for on-premises systems.

Chrome is a web browser developed by Google.

Google has patched a high-severity zero-day vulnerability in the Google Chrome browser that had been widely exploited.

The CVE-2022-1096 problem affects the Chrome V8 JavaScript engine and is a form of misunderstanding vulnerability.

Chrome 99.0.4844.84 for Windows, Mac, and Linux has been updated to solve the problem.

 

Notes at the end

Attackers are increasingly discovering and exploiting new zero-day vulnerabilities, posing a threat to businesses’ security posture. Experts advise establishing numerous levels of security to keep safe. Additionally, only required apps should be installed, and a comprehensive patch management system should be used to patch them as soon as updates become available

By IEMA IEMLabs

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!