Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
In early December, the world was shocked when a critical code execution vulnerability was discovered in Log4j, a utility used by virtually every cloud computing service and enterprise network. Immediately, open source developers released an update to patch the bug and urged users to install the patch immediately.
Now researchers report that there are at least two vulnerabilities in the Log4j 2.15.0 patch update. Not only that, hackers are also exploiting one of those two vulnerabilities, targeting targets that have installed the patch. Therefore, the researchers once again urge everyone to quickly install the Log4j 2.16.0 update to patch the vulnerability being tracked under the code CVE-2021-45046.
According to the researchers, patch 2.15.0 is incomplete in some non-default configurations, creating an opportunity for hackers to perform DDoS attacks. This can cause the attacked servers to be completely paralyzed until restarting or other actions are taken.
Version 2.16.0 fixes this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
The remaining vulnerability in patch 2.15.0 discovered by security firm Praetorian is related to information leakage. Hackers can exploit this vulnerability to download data from affected servers. The company has reported the issue to the Apache Foundation but still strongly advises users to install patch 2.16.0 as soon as possible.
Marvin FryYou should read it
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- GitLab patches critical vulnerability that allows hackers to take control of accounts
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
- Critical Vulnerability Discovered in 3 WordPress Plugins, Affects 84,000 Websites
- 13 popular applications have serious security vulnerabilities, users need to update immediately
- AMD CPUs also have security vulnerabilities that have existed for many years now!
May be interested
- Microsoft patches vulnerability in Windows AppX Installer being used to spread Emotet malware
microsoft has patched a critical zero-day vulnerability in windows that is being exploited by cybercriminals to spread emotet malware. - Add File/Folder to the exclusion list in Windows Securityhow to add file or folder to the exclusion list in windows security? the fastest and simplest way to add exceptions to windows defender
- Log4Shell zero-day vulnerability discovered, the new nightmare of enterpriseshow to exploit a critical zero-day vulnerability in the java-based apache log4j logging library has just been posted on the internet. this leaves users and businesses as well as organizations vulnerable to remote code execution attacks.
- Detecting a serious security flaw on Viber Desktop, users need to update immediatelythe research team of vncert/cc center recently issued a warning about a serious security hole in the viber desktop chat application - the viber chat application installed on users' computers, to the development team. viber products to fix.
- Why is Windows 11 so much more secure than Windows 10?windows 11 will be a more secure operating system than windows 10. microsoft's new focus on security in windows 11 will revolve around a few key features.
- Detecting an 8-year-old security flaw, affecting 150 HP printer modelsresearchers have discovered several security vulnerabilities affecting at least 150 models of hp multifunction printers (print, scan, fax).
Security solution
Top 30 serious security holes are being exploited by hackers the most- The US shares the top 20 vulnerabilities most exploited by Chinese hackers since 2020 until now
- 10 security holes exploited by hackers in 2018
- More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities
- Top 5 most dangerous remote execution vulnerabilities in early 2020, some even automatically infect other computers without users knowing.
Top 30 serious security holes are being exploited by hackers the most
The US shares the top 20 vulnerabilities most exploited by Chinese hackers since 2020 until now
10 security holes exploited by hackers in 2018
More than 40 Windows drivers contain dangerous privilege escalation vulnerabilities
Top 5 most dangerous remote execution vulnerabilities in early 2020, some even automatically infect other computers without users knowing.