Search results for macos microsoft updates app | Breaking Cybersecurity News | The Hacker News

Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an elevation of privilege vulnerability (CVE-2019-1235) in Windows Text Service Framework (TSF), more likely related to a 20-year-old flaw Google security researcher disclosed last month . Two other vulnerabilities patched this month are reported as being actively exploited in the wild by hackers, both are privilege elevation flaws—one resides in the Windows operating system and the other in Windows Common Log File System Driver. Besides these, Microsoft has released patches for four critical RCE vulnerabilities in Windows built-in Remote Desktop Client application that could enabl...

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed  Achilles  ( CVE-2022-42821 , CVSS score: 5.5), was addressed by the iPhone maker in  macOS Ventura 13 ,  Monterey 12.6.2 , and  Big Sur 11.7.2 , describing it as a logic issue that could be weaponized by an app to circumvent Gatekeeper checks. "Gatekeeper bypasses such as this could be leveraged as a vector for initial access by malware and other threats and could help increase the success rate of malicious campaigns and attacks on macOS," Jonathan Bar Or of the Microsoft 365 Defender Research Team  said . Gatekeeper is a  security mechanism  designed to ensure that only trusted apps run on the operating system. This is  enforced  by means of an extended attribute called "com.apple.quarantine" that's...

Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control (TCC) security framework, which enables users to configure the privacy settings of their apps and provide access to protected files and app data. The  Security & Privacy pane  in the macOS System Preferences app serves as the front end of TCC. Microsoft 365 Defender Research Team, which reported the vulnerability to Apple on July 15, 2021, dubbed the flaw " powerdir ." Apple  addressed  the issue as part of macOS 11.6 and 12.1 updates released in December 2021 with improved state management. While Apple does enforce a policy that limits access to TCC to only apps with full disk access, it's possible to orchestrate an attack wherein a malicious application could ...

It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction. Out of 79 vulnerabilities, 18 issues have been rated as critical and rest Important in severity. Two of the vulnerabilities addressed this month by the tech giant are listed as publicly known, of which one is listed as under active attack at the time of release. May 2019 security updates address flaws in Windows OS, Internet Explorer, Edge, Microsoft Office, and Microsoft Office Services and Web Apps, ChakraCore, .NET Framework, and ASP.NET, Skype for Android, Azure DevOps Server, and the NuGet Package Manager. Critical Wormable RDP Vulnerability The wormable vulnerability ( CVE-2019-0708 ) resides in Remote Desktop...

Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle  detailed  the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.5), the issue relates to a scenario where a rogue macOS app may circumvent  Gatekeeper  checks, which ensure that only trusted apps can be run and that they have passed an automated process called " app notarization ." The iPhone maker, crediting Gordon Long of Box with reporting the flaw, said it  addressed the weakness  with improved checks as part of macOS 11.6 updates officially released on September 20, 2021. "Such bugs are often particularly impactful to everyday macOS users as they provide a means for adware and malware authors to sidestep macOS security mechanisms, …m...

Microsoft on Tuesday  issued fixes for 56 flaws , including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for Android, Microsoft Exchange Server, Microsoft Office, Microsoft Windows Codecs Library, Skype for Business, Visual Studio, Windows Defender, and other core components such as Kernel, TCP/IP, Print Spooler, and Remote Procedure Call (RPC). A Windows Win32k Privilege Escalation Vulnerability The most critical of the flaws is a Windows Win32k privilege escalation vulnerability (CVE-2021-1732, CVSS score 7.8) that allows attackers with access to a target system to run malicious code with elevated permissions. Microsoft credited JinQuan, MaDongZe, TuXiaoYi, and LiHao of DBAPPSecurity for discovering and re...

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection ( SIP ) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug that was addressed by Apple as part of macOS Sequoia 15.2 released last month. The iPhone maker described it as a "configuration issue" that could permit a malicious app to modify protected parts of the file system. "Bypassing SIP could lead to serious consequences, such as increasing the potential for attackers and malware authors to successfully install rootkits, create persistent malware, bypass Transparency, Consent and Control (TCC), and expand the attack surface for additional techniques and exploits," Jonathan Bar Or of the Microsoft Threat Intelligen...

Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed  Migraine  and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection ( SIP ), or "rootless," which limits the actions the root user can perform on protected files and folders. "The most straight-forward implication of a SIP bypass is that [...] an attacker can create files that are protected by SIP and therefore undeletable by ordinary means," Microsoft researchers Jonathan Bar Or, Michael Pearse, and Anurag Bohra  said . Even worse, it could be exploited to gain arbitrary kernel code execution and even access sensitive data by replacing databases that manage Transparency, Consent, and Control (TCC) policies. The bypass is made possible by leveraging a built-in macOS tool ...

Apple has introduced a Rapid Security Response feature in iOS 16 and macOS Ventura that's designed to deploy security fixes without the need for a full operating system version update. "macOS security gets even stronger with new tools that make the Mac more resistant to attack, including Rapid Security Response that works in between normal updates to easily keep security up to date without a reboot," the company  said  in a statement on Monday. The feature, which also works on iOS , aims to separate regular software updates from critical security improvements and are applied automatically so that users are quickly protected against in-the-wild attacks and unexpected threats. It's worth noting that Apple tested an analogous option in iOS 14.5. Rapid Security Response, viewed in that light, mirrors a similar approach taken by Google through Play Services and Play Protect to secure Android devices from malware and other kinds of fraud. Another key security fea...

The operators of the XCSSET macOS malware have upped the stakes by making iterative improvements that add support for macOS Monterey by upgrading its source code components to Python 3. "The malware authors have changed from hiding the primary executable in a fake Xcode.app in the initial versions in 2020 to a fake Mail.app in 2021 and now to a fake Notes.app in 2022," SentinelOne researchers Phil Stokes and Dinesh Devadoss  said  in a report. XCSSET, first  documented  by Trend Micro in 2020, has many moving parts that allow it to  harvest sensitive information  from Apple Notes, WeChat, Skype, and Telegram; inject malicious JavaScript code into various websites; and dump cookies from Safari web browser. Infection chains entail using a dropper to compromise users' Xcode projects with the backdoor, with the latter also taking steps to evade detection by masquerading as either system software or the Google Chrome web browser application. The primary ex...

Are you experiencing slow Internet speed on your MacBook today? — It's not just you! Here's Why: Following in Microsoft's footsteps , Apple has started " pre-downloading " the latest version of its desktop operating system, macOS 10.12 Sierra, in the background, if you are still running OS X El Capitan. If you have automatic downloads enabled on your Mac, a large file of around 5GB will mysteriously be downloaded to your computer in the background, using your Internet bandwidth for unrequested files. Apple justifies this move by saying that the automatic download would make it easier for users to get the newest operating system, encouraging them to update their Macs. The good news, however, is that the update will not install automatically without your permission. Once downloaded automatically in the background, users who are running OS X El Capitan version 10.11.5 or later will receive a notification that says macOS Sierra is ready to be installed....

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer . The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows ( Lumma Stealer or DeerStealer ) and Android ( Marcher ). TA2727 is a "threat actor that uses fake update themed lures to distribute a variety of malware payloads," the Proofpoint Threat Research Team said in a report shared with The Hacker News.  It's one of the newly identified threat activity clusters alongside TA2726, which is assessed to be a malicious traffic distribution system (TDS) operator that facilitates traffic distribution for other threat actors to deliver malware. The financially motivated threat actor is believed to be active since at least September 2022. TA2726, per the enterprise security firm, acts as a TDS for TA2727 and another threat actor ca...

Here we are with our weekly roundup, briefing this week's top cybersecurity threats, incidents, and challenges, just in case you missed any of them. Last week has been very short with big news from the theft of over 4,700 Bitcoins from the largest cryptocurrency mining marketplace to the discovery of a new malware evasion technique that works on all versions of Microsoft's Windows operating system. Besides this, the newly discovered Janus vulnerability in the Android operating system and a critical remote code execution (RCE) vulnerability in Malware Protection Engine (MPE) for which Microsoft released an emergency patch made their places in our weekly roundup. I recommend you to read the entire news (just click 'Read More' because there's some valuable advice in there as well). So, here we go with the list of this Week's Top Stories: Process Doppelgänging: New Malware Evasion Technique A team of researchers, who previously discovered AtomBombing...

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions. Dubbed " Shrootless " and tracked as  CVE-2021-30892 , the "vulnerability lies in how Apple-signed packages with post-install scripts are installed," Microsoft 365 Defender Research Team's Jonathan Bar Or  said  in a technical write-up. "A malicious actor could create a specially crafted file that would hijack the installation process." System Integrity Protection ( SIP ) aka "rootless" is a  security feature  introduced in OS X El Capitan that's designed to protect the macOS operating system by restricting a  root user  from executing unauthorized code or performing operations that may compromise system integrity. Specifically, SIP allows modification of prote...

Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren't. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something's wrong. This week's stories aren't just about what was attacked—but how easily it happened. If we're only looking for the obvious signs, what are we missing right in front of us? Here's a look at the tactics and mistakes that show how much can go unnoticed. ⚡ Threat of the Week Apple Zero-Click Flaw in Messages Exploited to Deliver Paragon Spyware — Apple disclosed that a security flaw in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, CVE-2025-43200, was addressed by the company in February as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1, and visionOS 2.3.1. The Citizen Lab said it u...

A zero-click remote code execution (RCE) bug in Microsoft Teams desktop apps could have allowed an adversary to execute arbitrary code by merely sending a specially-crafted chat message and compromise a target's system. The issues were reported to the Windows maker by  Oskars Vegeris , a security engineer from Evolution Gaming, on August 31, 2020, before they were addressed at the end of October. Microsoft did not assign a CVE to this vulnerability, stating "it's currently Microsoft's policy to not issue CVEs on products that automatically updates without user's interaction." "No user interaction is required, exploit executes upon seeing the chat message," Vegeris explained in a technical write-up. The result is a "complete loss of confidentiality and integrity for end users — access to private chats, files, internal network, private keys and personal data outside MS Teams," the researcher added. Worse, the RCE is cross-platform — af...

Recently uncovered two huge processor vulnerabilities called Meltdown and Spectre have taken the whole world by storm, while vendors are rushing out to patch the vulnerabilities in its products. The issues apply to all modern processors and affect nearly all operating systems (Windows, Linux, Android, iOS, macOS, FreeBSD, and more), smartphones and other computing devices made in the past 20 years. What are Spectre and Meltdown? We have explained both , Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753, CVE-2017-5715), exploitation techniques in our previous article. In short, Spectre and Meltdown are the names of security vulnerabilities found in many processors from Intel, ARM and AMD that could allow attackers to steal your passwords, encryption keys and other private information. Both attacks abuse 'speculative execution' to access privileged memory—including those allocated for the kernel—from a low privileged user process like a malicious app running on a...