Tag

Security Update

All articles tagged with #security update

security5 days ago•1 min saved

Drupal Core Flaw Exposes PostgreSQL Sites to RCE via Anonymous SQL Injection

Drupal released highly critical security updates for Drupal Core to fix CVE-2026-9082, a flaw in the database abstraction API that allows anonymous attackers to perform arbitrary SQL injections on PostgreSQL sites, potentially leading to information disclosure, privilege escalation, or remote code execution (CVSS 6.5). Affected versions include 11.3.10, 11.2.12, 11.1.10, 10.6.9, 10.5.10, and 10.4.10; Drupal 7 is not affected. End-of-life releases are patched on a best-effort basis, and the updates include upstream fixes for Symfony and Twig.

via The Hacker News|

#cve-2026-9082 #drupal #postgresql

technology6 days ago•3 min saved

Drupal unveils urgent core patch to curb high-risk exploit

Drupal has issued a critical core security release to fix a high-exploitation vulnerability affecting Drupal 8 and newer. Administrators should plan to apply the update on May 20 UTC, upgrading to at least Drupal 10.6 or using hotfixes for older 9.x/8.x where available. Patches are released for 11.3.x, 11.2.x, 11.1.x, 10.6.x, 10.5.x, and 10.4.x; Drupal 8/9 are end-of-life and won’t receive patches, though hotfixes will be published for 9.5 and 8.9. Drupal Steward customers are protected but should still update. No technical vulnerability details are disclosed yet; admins should monitor Drupal’s security portal for official guidance.

via BleepingComputer|

#cms #cybersecurity #drupal

technology9 days ago•3 min saved

EFI ESP space shortfall stalls Windows 11 security update install (KB5089549)

Microsoft confirms the May 2026 Windows 11 security update KB5089549 may fail to install on devices with very little free space on the EFI System Partition, typically rolling back at 35–36% with 0x800f0922 errors. Known Issue Rollback is recommended as a workaround, and IT admins can apply a Group Policy-based mitigation in enterprise environments while Microsoft works on a fix.

via BleepingComputer|

#efi-system-partition #kb5089549 #known-issue-rollback

technology21 days ago•53 min saved

Google’s May Pixel patch fixes charging and display woes across Pixel 7a–10

Google is rolling out its May 2026 security update for Pixel devices from the Pixel 7a to the Pixel 10 (including the Pixel Tablet). The update targets a slow wireless charging issue that occurs around 75–80% battery, and persistent display problems on the Pixel 10 series (flickering/freezing), along with a camera issue where recording and zoom could freeze. It also includes a framework fix for the Pixel keyboard. The patch, labeled vCP1A.260505.005, is a bite-sized rollout that will continue over time.

via Android Central|

#charging-speed #google-pixel #pixel-10

security27 days ago•1 min saved

cPanel Patch Fixes Critical Authentication Flaw Across Supported Versions

cPanel released security updates to fix a critical authentication vulnerability across all supported versions, listing patched builds (11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, 11.136.0.5); Namecheap temporarily blocked cPanel/WHM ports 2083 and 2087 as a precaution, with patches rolling out and some servers already updated as of April 29, 2026.

via The Hacker News|

#authentication #cpanel #security

technology1 month ago•54 min saved

Chrome Security Update Patches 31 Flaws — Update Now

Google released a major Chrome security update on April 15, 2026, addressing 31 vulnerabilities in all channels (Windows/macOS: 147.0.7727.101/102; Linux: 147.0.7727.101). Five are rated Critical and could allow arbitrary code execution via memory corruption in components like ANGLE, Skia, Proxy, Prerender, and XR; other high-severity fixes include Turbofan and Media issues. Users should update immediately through Chrome > Help > About Google Chrome and relaunch. Google notes bug details will be restricted until a broad user base patches to prevent exploitation.

via CyberSecurityNews|

#chrome #cybersecurity #patch

cybersecurity2 months ago•53 min saved

Critical UniFi Flaws Allow Full System Takeover, Patch Now

Ubiquiti disclosed two critical-to-high vulnerabilities in UniFi Network Application: CVE-2026-22557, a path-traversal flaw that can allow unauthenticated attackers to seize full control of the underlying host, and CVE-2026-22558, an authenticated NoSQL injection enabling privilege escalation. Affected versions include UniFi Network App 10.1.85 and earlier, 10.2.93 and earlier, and UniFi Express Network App 9.0.114 and earlier. Patches are available: official 10.1.89+ (or RC 10.2.97+; UX 4.0.13+) bundling Network App 9.0.118+. Given the CVSS 10 rating for CVE-2026-22557, patch immediately and implement network segmentation/firewall controls for the UniFi management interface.

via CyberSecurityNews|

#cybersecurity #nosql-injection #path-traversal

technology2 months ago•1 min saved

Galaxy S25 gets global February 2026 security patch as S26 debuts

Samsung has begun a global rollout of the February 2026 security patch for the Galaxy S25 lineup (S25, S25+, S25 Ultra, S25 FE, S25 Edge), with builds ending in BZB5 or AZB6; the update started in Korea and is expanding across Asia and Europe via Settings > Software update. This patch may be the last security update before Samsung begins rolling out One UI 8.5, though a release date for 8.5 remains unclear.

via SamMobile|

#february-2026-patch #galaxy-s25 #one-ui-85

technology3 months ago•53 min saved

Windows 11 Patch KB5077181 Triggers Infinite Restart on Some Devices

Microsoft's February 10, 2026 security update KB5077181 for Windows 11 versions 24H2 and 25H2 appears to trigger boot loops on affected devices, forcing multiple restarts; while it patches 58 vulnerabilities (including six zero-days) and ships new Secure Boot certificates to improve boot integrity, users report login failures with System Event Notification Service errors, DHCP connectivity losses, and install errors such as 0x800f0983/0x800f0991, prompting uninstall guidance via Control Panel or Windows Recovery Environment and a suggested SFC scan; enterprises should test via WSUS and monitor health while Microsoft has not publicly acknowledged the issues.

via CybersecurityNews|

#boot-loop #kb5077181 #security-update

computing4 months ago•21 min saved

Microsoft patches Windows 11 shutdown and remote-login bugs with emergency out-of-band fix

Microsoft issued an out-of-band emergency patch for the January 2026 Windows security update that fixes a shutdown/hibernate bug on some Windows 11 PCs and restores remote login via credential prompts on Windows 10/11 devices; the fix also addresses Secure Launch startup-security issues. Some users still report lingering problems like blank screens or Outlook Classic crashes, and Microsoft noted related fixes from October 2025 for Windows Recovery Environment. Windows 10 users can continue with Extended Security Updates if they’re not ready to upgrade.

via Engadget|

#computing #microsoft #out-of-band-update

cyber-security-news4 months ago•52 min saved

Windows 11 Shutdown Bug Emerges After January Patch

Microsoft’s January 13, 2026 security update KB5073455 for Windows 11 23H2 (OS Build 22621.6491) triggers a shutdown bug on Enterprise and IoT editions, causing devices to reboot instead of powering down or entering hibernation due to interference with Secure Launch (a virtualization-based security feature). IT teams report power-management issues and potential data loss; a workaround is to force shutdown via shutdown /s /t 0, while a fix is promised in a future update. Disabling Secure Launch via Group Policy can restore normal shutdown but weakens boot integrity.

via Cyber Security News|

#cyber-security-news #secure-launch #security-update

technology4 months ago•4 min saved

Windows 10 security-only KB5073724 update patches three zero-days and Secure Boot certs

Microsoft released the Windows 10 KB5073724 security update, addressing 114 vulnerabilities including three zero-days, and updating Secure Boot certificates. The update also removes certain Agere modem drivers and includes a WinSqlite3.dll fix. It targets devices in the ESU program or LTSC and does not add new features, raising builds to 19045.6809 (19044.6809 for LTSC 2021). Note that affected modem hardware will stop working due to removed drivers; Microsoft reports no known issues at this time.

via BleepingComputer|

#kb5073724 #patch-tuesday #secure-boot

technology4 months ago•1 min saved

Google Play Update Causes Pixel Bugs

A recent Google Play system update for Pixel devices, including the Pixel 10 series, has caused some bugs such as screen freezes and UI loading issues, but these problems are generally resolved after rebooting or plugging in the device. The update, focused on security and stability, has led to temporary glitches across several Pixel models.

via 9to5Google|

#buggy-update #device-stability #google-play-system-update

technology4 months ago•0 min saved

Critical SmarterMail Vulnerability Enables Remote Code Execution

SmarterTools released security updates for SmarterMail versions Build 9406 and earlier to fix a critical vulnerability (CVE-2025-52691) that could allow remote code execution through arbitrary file uploads, urging users to update to Build 9413 immediately.

via Cyber Security Agency of Singapore|

#cve-2025-52691 #security-update #smartermail

technology5 months ago•2 min saved

Microsoft's Latest Updates Cause MSMQ and Windows Compatibility Issues

Microsoft's December 2025 security update causes MSMQ failures on older Windows systems, affecting enterprise environments by disrupting message queuing and related services due to permission issues, with workarounds including support contact or uninstalling the update.

via theregister.com|

#bug #microsoft #msmq