Estimated reading time: 5 minutes
It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could...
Estimated reading time: 2 minutes
14 Jan 2020 marked a huge day for Windows, as Microsoft ended support for Windows 7, the operating system that had been touching lives for nearly 11 years. Introduced almost a decade back, Windows 7 was designed basically to fix the failures that came with Windows Vista. The popularity of...
Estimated reading time: 5 minutes
Ransomware authors keep experimenting with the development of payload in various dimensions. In the timeline of ransomware implementations, we have seen its evolution from a simple screen locker to multi-component model for file encryption, from novice approach to a sophisticated one. The Ransomware as a Tool has evolved in wild...
Estimated reading time: 2 minutes
As part of the Windows 10 Updates, Microsoft has now come up with a new update for Windows 10 PCs. It’s called Windows 10 19H1 (Windows 10 May 2019 Update). This post lists down some of the highlights of this particular update and Quick Heal’s compatibility with the OS. Highlights...
Estimated reading time: 1 minute
The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context...
Estimated reading time: 1 minute
The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions...
Estimated reading time: 1 minute
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows Operating Systems. Vulnerable versions Windows 7 x86 and x64 versions Windows...
Estimated reading time: 8 minutes
Whether you are a normal user or a tech-guru, being aware of the computer security threats will help fortify your defense against them. So, here’s a handy A-Z dictionary of cybersecurity terms.
Estimated reading time: 2 minutes
Quick Heal Security Labs has recently learned about a serious vulnerability in Skype’s update installer – that’s the bad news. The worse news is, Microsoft is not going to patch the vulnerability anytime soon as this would require the updater to go through a ‘large code revision’. What is this...
Estimated reading time: 2 minutes
Lenovo recently released an advisory, warning customers about two critical Broadcom vulnerabilities which impact 25 models of its popular ThinkPad lineup. The Broadcom Wi-Fi chipsets used by Lenovo ThinkPad devices are affected by the CVE-2017-11120 & CVE-2017-11121 vulnerabilities. Both these issues are rated as “critical” and received a CVSS 10 score...