close
  • Ar chevron_right

    Microsoft issues emergency patches for 4 exploited 0days in Exchange

    news.movim.eu / ArsTechnica · Tuesday, 2 March, 2021 - 22:00

The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.

Enlarge (credit: Getty Images )

Microsoft is urging customers to install emergency patches as soon as possible to protect against highly skilled hackers who are actively exploiting four zeroday vulnerabilities in Exchange Server.

The software maker said hackers working on behalf of the Chinese government have been using the previously unknown exploits to hack on-premises Exchange Server software that is fully patched. So far, Hafnium, as Microsoft is calling the hackers, is the only group it has seen exploiting the vulnerabilities, but the company said that could change.

“Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” Microsoft Corporate Vice President of Customer Security & Trust Tom Burt wrote in a post published Tuesday afternoon . “Promptly applying today’s patches is the best protection against this attack.”

Read 6 remaining paragraphs | Comments

index?i=d8pZZrv1KPM:cv7rZMuBGOE:V_sGLiPBpWUindex?i=d8pZZrv1KPM:cv7rZMuBGOE:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
  • Ar chevron_right

    Chrome users have faced 3 security concerns over the past 24 hours

    news.movim.eu / ArsTechnica · Friday, 5 February, 2021 - 21:21

Chrome users have faced 3 security concerns over the past 24 hours

(credit: Chrome )

Users of Google’s Chrome browser have faced three security concerns over the past 24 hours in the form of a malicious extension with more than 2 million users, a just-fixed zero-day, and new information about how malware can abuse Chrome's sync feature to bypass firewalls. Let’s discuss them one by one.

First up, the Great Suspender, an extension with more than 2 million downloads from the Chrome Web Store, has been pulled from Google servers and deleted from users’ computers. The extension has been an almost essential tool for users with small amounts of RAM on their devices. Since Chrome tabs are known to consume large amounts of memory, the Great Suspender temporarily suspends tabs that haven’t been opened recently. That allows Chrome to run smoothly on systems with modest resources.

Characteristically terse

Google's official reason for the removal is characteristically terse. Messages displayed on devices that had the extension installed say only, “This extension contains malware” along with an indication that it has been removed. A Google spokesman declined to elaborate.

Read 11 remaining paragraphs | Comments

index?i=ooMPqnL1CuE:eWEW5oucaNA:V_sGLiPBpWUindex?i=ooMPqnL1CuE:eWEW5oucaNA:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA