Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

Announcing Windows 11 Insider Preview Build 23516

2023-08-03 KENNETH 0

Announcing Windows 11 Insider Preview Build 23516 Hello Windows Insiders, today we are releasing Windows 11 Insider Preview Build 23516 to the Dev Channel. August 2023 Bug Bash: Starting today August 2nd, the bug bash begins and will run through Monday August 7th at 11:59pm PDT. The bug bash will span the latest features available in the currently available preview builds across the Canary, Dev, and Beta Channels. Check Feedback Hub for quests! What’s new in Build 23516 Improving the screen casting experience Casting from your Windows PC allows you to wirelessly extend your display to another nearby PC, TV or other external displays. We are making some improvements that focus on educating people about the Cast feature, improving its discoverability, and simplifying the overall experience in Windows 11. Those improvements include: When doing multitasking activities on your PC such as [ more… ]

No Image

USN-6269-1: GStreamer Good Plugins vulnerability

2023-08-03 KENNETH 0

USN-6269-1: GStreamer Good Plugins vulnerability It was discovered that GStreamer Good Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) Source: USN-6269-1: GStreamer Good Plugins vulnerability

No Image

USN-6268-1: GStreamer Base Plugins vulnerabilities

2023-08-03 KENNETH 0

USN-6268-1: GStreamer Base Plugins vulnerabilities It was discovered that GStreamer Base Plugins incorrectly handled certain FLAC image tags. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37327) It was discovered that GStreamer Base Plugins incorrectly handled certain subtitles. A remote attacker could use this issue to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-37328) Source: USN-6268-1: GStreamer Base Plugins vulnerabilities

Concerns over the European Union’s Cyber Resilience Act (CRA)

2023-08-02 KENNETH 0

Concerns over the European Union’s Cyber Resilience Act (CRA) As the world’s most popular open source content management system, WordPress acknowledges the European Union’s initiative to bolster the cybersecurity of digital hardware and software products with the Cyber Resilience Act (CRA). The Act’s effort to counter the increasing threat of cyberattacks and promote informed usage of digital products with increased security updates and transparency is commendable.  While we wholly endorse the objectives of the CRA, we are apprehensive about the Act’s implications on open source software due to unclear terms and definitions. Specifically, the Act’s prohibition on “unfinished software” and ambiguous definition of “commercial activity” could inadvertently inhibit innovation and economic participation in the European digital landscape. Open source projects, like WordPress, often rely on continual updates and improvements—a process that may technically fall under the label of “unfinished.” Furthermore, [ more… ]

No Image

USN-6267-1: Firefox vulnerabilities

2023-08-02 KENNETH 0

USN-6267-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058) Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy. (CVE-2023-4045) Alexander Guryanov discovered that Firefox did not properly update the value of a global variable in WASM JIT analysis in some circumstances. An attacker could potentially exploit this issue to cause a denial of service. (CVE-2023-4046) Mark Brand discovered that Firefox did not properly validate the size of an untrusted input stream. An attacker could potentially [ more… ]