USN-5855-1: ImageMagick vulnerabilities

2023-02-10 KENNETH 0

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

Source: USN-5855-1: ImageMagick vulnerabilities

Update to Windows Subsystem for Android™ on Windows 11 (February 2023)

2023-02-10 KENNETH 0

Today we are shipping an update for Windows Subsystem for Android™ on Windows 11 to all Windows Insider channels. This update (2301.40000.4.0) will make improvements to the camera experience, graphics improvements, general reliability, and security updates.

What’s New

- Improved audio input latency and reliability
- Improvements to camera experience (camera metadata now exposed to camera apps)
- Improvements to framerate performance: certain benchmarks have improved by 10%-20% on ARM and 40%-50% on x64
- Fixed zooming out in apps using touchpad or mouse
- Improvements to platform reliability
- Using latest Chromium WebView to version 108
- Synchronizing global microphone and camera privacy toggles between Windows and Android apps
- Android 13 security updates

Giving feedback

If you are having issues with Windows Subsystem for Android™ – please file feedback via Feedback Hub under Apps > Windows [ more… ]

USN-5854-1: Linux kernel vulnerabilities

2023-02-10 KENNETH 0

It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 (V4L2) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20369)

Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373)

David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. (CVE-2022-2663)

Johannes Wikner and Kaveh Razavi discovered that [ more… ]

USN-5853-1: Linux kernel vulnerabilities

2023-02-10 KENNETH 0

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628)

It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640)

Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649)

It was discovered that [ more… ]

Announcing Windows 11 Insider Preview Build 22621.1255 and 22623.1255

2023-02-10 KENNETH 0

Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 22621.1255 and Build 22623.1255 (KB5022918) to the Beta Channel.

- Build 22623.1255 = New features rolling out.
- Build 22621.1255 = New features off by default.

REMINDER: Insiders who were previously on Build 22622 will automatically get moved to Build 22623 via an enablement package. The enablement package artificially increments the build number for the update with new features getting rolled out and turned on to make it easier to differentiate from devices with the update with features off by default. This approach is being used for the Beta Channel only and is not indicative of any changes or plans for final feature rollouts.

Insiders who landed in the group with new features turned off by default (Build 22621.xxxx) can check for [ more… ]