Teams | Collaboration | Customer Service | Project Management

Vulnerability

InvGate

Apple Zero-Day: How to Spot Devices to Update in Your Company in Seconds

Apr 2, 2022 By Matt Beran In InvGate
Just a couple of days after Google announced a high-risk zero-day vulnerability in Chrome, Apple disclosed two zero-day vulnerabilities affecting their operating system on both mobile and desktop devices. The company has already issued updates for its iOS and macOS users. The patched versions are as follows: As for the Apple zero-day exploits, they were reported anonymously.
Read Post

Chrome Zero Day: Find vulnerable devices for patching

Mar 30, 2022 By InvGate In InvGate
Google issued an emergency security update due to the severity of exploit CVE-2022-1096. A few days later, Microsoft joined the recommendation, advising Chromium Edge users to update their browsers as well. Therefore, if you haven’t already, you should check your browser details to check if it’s updated to version 99.0.4844.84 of Chrome or version 99.0.1150.55 or higher of Edge. Matt Beran shows you how you can find vulnerable devices across your inventory for proactive patching using InvGate Insight.
View Video
InvGate

Chrome zero-day: find devices with vulnerabilities across your inventory

Mar 30, 2022 By InvGate In InvGate
If you’re an asset manager or an application administrator, you must have had - or are about to have - a lot of work since there’s a new Chrome zero-day vulnerability in the wild. Google issued an emergency security update due to the severity of exploit CVE-2022-1096. A few days later, Microsoft joined the recommendation, advising Chromium Edge users to update their browsers as well.
Read Post
zulip

Zulip Cloud security vulnerability with reusable invitation links

Feb 25, 2022 By Alex Vandiver In Zulip

An internal investigation recently uncovered a vulnerability (identified as CVE-2022-21706) in Zulip’s invitation links. Specifically, a reusable invitation link could be used to join a different organization than the one it was created for. As a result, there was a potential for users to join any organization without an invitation (and bypassing domain restrictions). This vulnerability was discovered by the Zulip security team, and has now been fixed for all Zulip Cloud organizations.

Read Post
mattermost

Coordinated disclosure of XML round-trip vulnerabilities in Go's standard library

Dec 14, 2020 By Juho Nurminen In Mattermost

This blog post is a part of Mattermost’s public disclosure of three serious vulnerabilities in Go’s encoding/xml related to tokenization round-trips. The public disclosure comes as a result of several months of work, including collaborating with the Go security team since August 2020 and with affected downstream project maintainers since earlier this month.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.