Tag

Patch

All articles tagged with #patch

Ubiquiti patches seven UniFi OS flaws, including a critical UniFi Connect command-injection risk
security2 days ago

Ubiquiti patches seven UniFi OS flaws, including a critical UniFi Connect command-injection risk

Ubiquiti released security updates to fix seven critical UniFi OS vulnerabilities, including CVE-2026-50746 in the UniFi Connect App that could allow command injection; users should upgrade the UniFi Connect app to version 3.4.20+ and apply patches across UniFi Talk, UniFi Access, UniFi Protect, and the UniFi OS Server. The company notes several flaws can be exploited in low-complexity attacks with no user interaction. Threats note that more than 100,000 UniFi OS instances are exposed online (per Censys), though it isn’t clear how many are patched, honeypots, or otherwise secured. The report also references past CISA/FBI warnings and demonstrations of exploitation techniques in related Ubiquiti products.

Sims 4 June Patch: Fixes Arrive Alongside a Streamlined Moola Marketplace Flow
technology10 days ago

Sims 4 June Patch: Fixes Arrive Alongside a Streamlined Moola Marketplace Flow

EA’s The Sims 4 June Patch brings bug fixes and quality-of-life tweaks (including Create‑A‑Sim asset updates and gallery fixes) and adds a simplified Marketplace purchase flow that auto-converts purchases to the nearest Moola with new USD/EUR price points, though not all of the 80+ promised fixes are guaranteed to be addressed in this update.

Chrome’s Fifth Zero-Day Patch This Year Targets In-the-Wild Exploits
technology1 month ago

Chrome’s Fifth Zero-Day Patch This Year Targets In-the-Wild Exploits

Google issued emergency Chrome updates to fix CVE-2026-11645, a high-severity out-of-bounds read/write in the V8 engine that’s been exploited in the wild, marking the fifth Chrome zero-day patched this year. The fix covers Windows, Mac, and Linux builds; attackers could achieve remote code execution and bypass ASLR via crafted HTML, with Google restricting bug detail disclosures until most users are updated. Earlier this year Chrome also addressed four other zero-days (CVE-2026-2441, CVE-2026-3909, CVE-2026-3910, CVE-2026-5281), and last year fixed eight exploited flaws.

Forza Horizon 6 to rebalance brutally aggressive AI after fan backlash
gaming1 month ago

Forza Horizon 6 to rebalance brutally aggressive AI after fan backlash

Forza Horizon 6 is set to receive AI rebalancing after fans complained that its Drivatar opponents are unfairly fast, especially on higher difficulties. Playground Games says a fix is in the works and will focus on AI balance, with more details to come once developers have something concrete. The update is also reportedly addressing PC launch issues such as AMD framerate problems, audio crackling, and crashes. Players can provide feedback via the Forza portal, and there’s no clear word yet on altering the 1,000-hour maxed-out achievement requirement.

Microsoft patches Defender zero-days actively exploited in the wild
technology1 month ago

Microsoft patches Defender zero-days actively exploited in the wild

Microsoft released patches for two Defender zero-days—CVE-2026-41091 (privilege escalation in Malware Protection Engine) and CVE-2026-45498 (DoS in Antimalware Platform)—to stop active exploits. The updates install automatically by default, but admins should verify the Malware Protection Engine and Antimalware Platform versions are current. CISA added these flaws to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch by June 3 under BOD 22-01. The piece also notes mitigations for a Windows BitLocker flaw nicknamed YellowKey.

Subnautica 2 Gets First Early Access Hotfix for Startup Stability and Data Controls
technology1 month ago

Subnautica 2 Gets First Early Access Hotfix for Startup Stability and Data Controls

Subnautica 2’s first Early Access hotfix fixes startup crash guidance for AMD/DirectX 12, eliminates a rare Ping crash, and reduces data sent to backend services. Analytics now only enable after accepting the Terms of Service and can be disabled in settings. The team will update the Terms of Service and FAQ soon; the patch will rollout globally and on Xbox after certification.

technology1 month ago

Linux rolls out security fixes with 7.0.8 and updated LTS kernels to close ssh-keysign-pwn

In response to the ssh-keysign-pwn vulnerability that allowed unprivileged users to read root-owned files, Linux released the 7.0.8 stable kernel and updated several LTS kernels (6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, 5.10.256), incorporating Linus Torvalds’ patch that makes ptrace get_dumpable() logic “slightly saner,” to mitigate the issue across supported releases.