Meta patched two WhatsApp flaws affecting iOS, Android, and Windows users, including bugs tied to risky files, links, and Reels previews.
The post New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch appeared first on TechRepublic.
Google has released a critical security update for its Chrome desktop browser to address 30 security vulnerabilities, including four severe flaws that could enable Remote Code Execution (RCE) attacks.
The Stable channel has been updated to version 147.0.7727.137/138 for Windows and Mac, and to 147.0.7727.137 for Linux.
Google is rolling out this update gradually over the coming days and weeks to ensure a stable deployment.
The majority of the severe flaws patched in this release are “Use-After-Free” memory vulnerabilities.
A Use-After-Free bug occurs when an application attempts to access memory space that has already been freed or deallocated.
This memory mismanagement can lead to unexpected browser crashes, severe data corruption, and, most dangerously, arbitrary code execution.
If successfully exploited, these vulnerabilities allow remote attackers to run malicious commands on a victim’s machine simply by convincing the user to visit a specially crafted malicious webpage.
This requires no additional user interaction and could allow hackers to bypass Chrome’s built-in sandbox protections, potentially compromising the underlying system.
Google is temporarily restricting access to specific bug details and exploit links until a vast majority of the user base has successfully applied the security patch.
This industry standard practice prevents threat actors from reverse-engineering fixes to launch attacks against unpatched, vulnerable systems.
Google awarded bug bounties to researchers, including $16,000 for a high-severity GPU flaw and $7,000 for a critical Canvas issue.
Below is a summary of the most critical and highly rewarded vulnerabilities addressed in this Chrome release:
To protect against potential exploitation, individuals and network administrators are strongly advised to update their Google Chrome browsers immediately.
Check for updates in Google Chrome via Help → About Google Chrome, then restart the browser to apply them. A quick browser restart is required to apply the latest protections fully.
Administrators managing enterprise environments should prioritize the rapid deployment of Chrome version 147.0.7727.137/138 across their networks to prevent potential intrusions.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Critical Chrome Vulnerabilities Enables Remote Code Execution Attacks appeared first on Cyber Security News.
Microsoft has officially rolled out its latest security intelligence update for Microsoft Defender Antivirus, delivering crucial protections for Windows 11, Windows 10, and Windows Server installation images.
This vital release ensures that Microsoft’s built-in antimalware solutions are fully equipped to identify and neutralize the most recent cybersecurity threats.
By continuously tweaking its underlying detection logic, Microsoft helps both organizations and everyday users defend against a rapidly shifting threat landscape.
These security intelligence updates are a foundational element of Microsoft’s broader security strategy. They work seamlessly alongside cloud-based protection protocols to deliver exceptionally fast, AI-enhanced defense mechanisms.
When a new threat emerges globally, these regular definition updates ensure local machines can recognize the malware signature without delay.
The most recent security release, dated April 7, 2026, brings several underlying system components to their newest versions.
The specific technical details for this update include:
These updates encompass not only Microsoft Defender Antivirus but also other enterprise platforms, such as System Center Endpoint Protection, Windows Intune, and the Microsoft Diagnostics and Recovery Toolset.
For the vast majority of consumer and business users, Windows Update automatically downloads and installs these security enhancements in the background.
This automated process is highly recommended as it minimizes the risk of exposure to new vulnerabilities. If automatic updates are disabled or encounter errors, users can easily trigger a manual download.
By navigating to the Virus & threat protection screen within the Windows Security application, users can forcefully check for and apply the newest patches.
Enterprise administrators overseeing large corporate networks have additional deployment flexibility. IT teams can clear outdated caches and push the latest intelligence updates across network devices using command-line tools.
Running specific MpCmdRun.exe commands as an administrator forces the system to remove old definitions and pull the newest signatures directly from Microsoft’s servers.
In highly secured or air-gapped environments with restricted internet access, security professionals can manually download the update executable files.
Microsoft provides tailored packages for specific system architectures, including standard 32-bit and 64-bit configurations and specialized ARM configurations.
Once downloaded, administrators run the executable to install the updated security intelligence manually. Additionally, Microsoft emphasized the importance of its Network Inspection System (NIS) updates.
These specialized updates intercept and neutralize sophisticated network-based threats, including active exploit attempts, while they are still in transit.
NIS updates are available for systems running Antimalware Client version 4.1.522.0 or newer, adding an essential layer of real-time defense for network traffic.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Microsoft Releases New Defender Update for Windows 11, 10, and Server Installation Images appeared first on Cyber Security News.
Microsoft is taking a major step to harden the Windows operating system against kernel-level threats by removing trust for drivers signed by the deprecated cross-signed root program.
Starting with the April 2026 update, Windows 11 and Windows Server 2025 will block these untrusted drivers by default.
This policy ensures that only drivers certified through the Windows Hardware Compatibility Program can load automatically, significantly reducing the attack surface for malicious actors.
The cross-signed root program was introduced in the early 2000s to allow third-party certificate authorities to issue Windows-trusted code-signing certificates.
However, this system provided no assurances regarding the security or compatibility of the kernel code. Because developers managed their own private keys, the program became a frequent target for credential theft, allowing threat actors to deploy rootkits.
Microsoft officially deprecated this signing program in 2021, and all related certificates have since expired. Despite this, Windows continued to trust these legacy certificates to maintain compatibility with legacy hardware.
This new update finally severs that lingering trust. Moving forward, the certification pipeline requires vendors to pass strict identity vetting, submit rigorous test results, and undergo malware scanning before receiving a protected Microsoft-owned certificate.
To prevent system crashes, Microsoft is introducing an explicit allow list for highly reputable, widely used cross-signed drivers.
The kernel update will also deploy in a careful evaluation mode. The Windows kernel will audit driver load signals to ensure the new policy will not disrupt critical functions.
The system will only enforce the block after meeting specific runtime and restart thresholds. If an unsupported driver is detected during this audit phase, the system resets the evaluation timer and holds off on enforcement.
Enterprise environments relying on internally developed custom kernel drivers have alternative options. Organizations can securely bypass the default block using an Application Control for Business policy.
By signing this policy with an authority rooted in the device’s UEFI Secure Boot variables, administrators can explicitly trust private signers.
This ensures threat actors cannot arbitrarily load malicious drivers while legitimate internal operations continue uninterrupted.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Windows 11 and Server 2025 Update to Block Untrusted Cross-Signed Kernel Drivers by Default appeared first on Cyber Security News.
A widely used open-source web-based IMAP email client, Roundcube Webmail, has released version 1.6.14, delivering critical security patches to fix multiple severe vulnerabilities in the 1.6.x branch.
The release resolves a complex range of security issues, spanning from pre-authentication arbitrary file write risks to cross-site scripting (XSS) and server-side request forgery (SSRF).
System administrators are strongly urged to apply this update to protect their communication infrastructure from potential exploitation by threat actors.
The most severe vulnerability patched in this release involves a pre-authentication arbitrary-file-write flaw. Discovered by security researcher y0us, this issue stems from unsafe deserialization in the Redis and Memcached session handlers.
Because this flaw does not require an attacker to authenticate, it poses a significant risk for unauthenticated remote code execution on vulnerable web servers.
If exploited, attackers could gain complete control over the application environment. Additionally, the update patches an SSRF and information disclosure vulnerability.
Reported by Georgios Tsimpidas, this flaw allowed attackers to exploit stylesheet links to access hosts on the local network.
This vulnerability could enable threat actors to map internal network architectures or extract sensitive data from hidden internal services that are normally shielded from the public internet.
Version 1.6.14 also resolves a critical logical bug in the account management mechanisms. Security researcher flydragon777 reported an issue where attackers could successfully change an account password without providing the old password.
This severely undermined account security and could lead to complete account takeovers if an active session was temporarily hijacked.
Furthermore, the Martila Security Research Team identified a combined IMAP injection and Cross-Site Request Forgery (CSRF) bypass vulnerability located within the mail search functionality.
This flaw could allow malicious actors to manipulate backend mail server commands and perform unauthorized actions on behalf of a currently authenticated user.
The development team addressed several client-side vulnerabilities that could allow malicious payloads to be executed or tracked within the victim’s browser.
An XSS vulnerability present in the HTML attachment preview feature was successfully patched after being reported by aikido_security. Multiple methods used to bypass remote image blocking were also fixed.
A researcher known as nullcathedral reported bypasses utilizing various SVG animate attributes and crafted body background attributes.
Blocking remote images is a vital privacy feature that prevents email senders from using tracking pixels to confirm if an email was opened.
The same researcher also identified a flaw that allowed bypassing fixed-position mitigations via misuse of the CSS important rule, which has now been firmly resolved.
Beyond the extensive list of security fixes, version 1.6.14 includes a functional patch resolving issues with PostgreSQL database connections utilizing IPv6 addresses.
The Roundcube development team considers this release highly stable. They recommend that administrators immediately update all production installations of Roundcube 1.6. x to secure their environments.
System administrators must securely back up all database and application data before initiating the upgrade process to prevent unexpected data loss.
The update packages, cryptographic signatures, and source code are currently available for download on the official Roundcube GitHub repository.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Roundcube Webmail Security Updates Patches Multiple Critical Vulnerabilities appeared first on Cyber Security News.
Google has rolled out an urgent security update for the Chrome browser to address eight high-severity vulnerabilities.
These newly patched security flaws could allow threat actors to execute arbitrary code remotely, posing a significant risk to user data and system integrity.
The stable channel is currently receiving updates to version 146.0.7680.164 or 146.0.7680.165 for Windows and macOS users.
Meanwhile, Linux users will receive version 146.0.7680.164. Google expects these critical updates to reach all users over the coming days and weeks.
The latest patches resolve several dangerous memory management and processing errors within Chrome’s underlying architecture.
Among the patched issues are “Use-After-Free” vulnerabilities in components such as Dawn, WebGPU, and FedCM.
These specific flaws occur when a program continues to use a memory pointer after the memory has been freed, allowing attackers to inject and execute malicious payloads.
Additionally, Google addressed heap buffer overflows in WebAudio and WebGL, out-of-bounds reading flaws in CSS, and an integer overflow in the Fonts component.
When chained together or successfully exploited, these memory corruption vulnerabilities give cybercriminals a path to bypass browser security sandboxes and compromise the host machine entirely.
Google’s development teams heavily rely on advanced testing tools such as AddressSanitizer, MemorySanitizer, and libFuzzer to identify complex security bugs before they reach the stable channel.
The update addresses the following eight high-severity vulnerabilities:
| CVE Identifier | Component | Vulnerability Type |
|---|---|---|
| CVE-2026-4673 | WebAudio | Heap buffer overflow |
| CVE-2026-4674 | CSS | Out of bounds read |
| CVE-2026-4675 | WebGL | Heap buffer overflow |
| CVE-2026-4676 | Dawn | Use after free |
| CVE-2026-4677 | WebAudio | Out of bounds read |
| CVE-2026-4678 | WebGPU | Use after free |
| CVE-2026-4679 | Fonts | Integer overflow |
| CVE-2026-4680 | FedCM | Use after free |
To protect the user base, Google intentionally restricts access to specific technical bug details and exploit links.
This industry standard practice ensures that most users can install the security update before threat actors can reverse-engineer the patch to launch widespread attacks.
The company also maintains restrictions if a vulnerability exists in a third-party library that other software projects depend on.
Google actively rewards security researchers for responsibly disclosing these threats, paying out a confirmed $7,000 bounty for the WebAudio vulnerability alone, with several other reward amounts still to be determined.
Cybersecurity professionals and everyday users must prioritize applying this update immediately.
To ensure your browser is fully protected against these potential remote code execution threats, navigate to the Chrome menu, select “Help,” and click on “About Google Chrome.”
This action forces the browser to check for the latest version and automatically download the security patch.
Administrators managing enterprise environments should push the update through their patch management systems to efficiently secure network endpoints.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Chrome Security Update Fixes 8 Vulnerabilities Allowing Remote Code Execution appeared first on Cyber Security News.
Google has released a substantial security update for its Chrome web browser, addressing 26 distinct vulnerabilities that could allow unauthenticated attackers to execute malicious code remotely.
The latest Stable channel update rolls out versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS, while Linux users will receive version 146.0.7680.153.
This critical patch cycle is designed to remediate multiple severe memory corruption flaws that pose significant risks to individual users and enterprise networks alike.
Tailored to standard cybersecurity reporting formats, this breakdown highlights the most severe threats mitigated in this release.
The primary threat vector for these vulnerabilities lies in how the browser processes specialized web content.
By exploiting flaws in components such as WebGL, WebRTC, and the V8 JavaScript engine, threat actors can bypass standard browser security sandboxes.
The update specifically addresses three “Critical” severity vulnerabilities, 22 “High” severity flaws, and one “Medium” severity issue.
These vulnerabilities primarily consist of classic memory management errors such as use-after-free conditions, heap buffer overflows, and out-of-bounds access.
When an attacker successfully triggers one of these conditions, typically by luring a victim to a maliciously crafted webpage, they can write payloads directly into system memory and achieve remote code execution (RCE).
Beyond the critical flaws, the 22 high-severity vulnerabilities affect a wide array of core browser modules, including Blink, Network, WebAudio, Dawn, and PDFium.
Notably, a single security researcher operating under the pseudonym “c6eed09fc8b174b0f3eebedcceb1e792” discovered and reported nine high-severity issues, as well as one critical vulnerability.
| CVE Identifier | Severity | Browser Component | Vulnerability Type |
|---|---|---|---|
| CVE-2026-4439 | Critical | WebGL | Out of bounds memory access |
| CVE-2026-4440 | Critical | WebGL | Out of bounds read and write |
| CVE-2026-4441 | Critical | Base | Use after free |
| CVE-2026-4442 | High | CSS | Heap buffer overflow |
| CVE-2026-4443 | High | WebAudio | Heap buffer overflow |
| CVE-2026-4444 | High | WebRTC | Stack buffer overflow |
| CVE-2026-4445 | High | WebRTC | Use after free |
| CVE-2026-4446 | High | WebRTC | Use after free |
| CVE-2026-4447 | High | V8 | Inappropriate implementation |
| CVE-2026-4448 | High | ANGLE | Heap buffer overflow |
| CVE-2026-4449 | High | Blink | Use after free |
| CVE-2026-4450 | High | V8 | Out of bounds write |
| CVE-2026-4451 | High | Navigation | Insufficient validation of untrusted input |
| CVE-2026-4452 | High | ANGLE | Integer overflow |
| CVE-2026-4453 | High | Dawn | Integer overflow |
| CVE-2026-4454 | High | Network | Use after free |
| CVE-2026-4455 | High | PDFium | Heap buffer overflow |
| CVE-2026-4456 | High | Digital Credentials API | Use after free |
| CVE-2026-4457 | High | V8 | Type Confusion |
| CVE-2026-4458 | High | Extensions | Use after free |
| CVE-2026-4459 | High | WebAudio | Out of bounds read and write |
| CVE-2026-4460 | High | Skia | Out of bounds read |
| CVE-2026-4461 | High | V8 | Inappropriate implementation |
| CVE-2026-4462 | High | Blink | Out of bounds read |
| CVE-2026-4463 | High | WebRTC | Heap buffer overflow |
| CVE-2026-4464 | Medium | ANGLE | Integer overflow |
WebGL vulnerabilities are particularly dangerous because they interact directly with the hardware graphics processing unit, potentially allowing attackers to escape software constraints.
Similarly, the V8 JavaScript engine remains a high-value target; vulnerabilities like type confusion (CVE-2026-4457) enable attackers to manipulate how the engine handles object types.
Google noted that many of these bugs were proactively identified during development using advanced memory testing tools such as AddressSanitizer, MemorySanitizer, and libFuzzer.
To mitigate the risk of system compromise, users and enterprise administrators are strongly advised to verify their browser versions immediately.
While Google is rolling out the update progressively over the coming days and weeks, proactive manual updates can prevent exploitation by opportunistic threat actors.
As is standard practice, Google will restrict public access to detailed bug reports and exploit chains until a vast majority of the user base has successfully applied the patch.
This delayed disclosure strategy successfully prevents threat actors from reverse-engineering the patches to develop zero-day exploits targeting slow-to-update systems.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Chrome Security Update Fixes 26 Vulnerabilities Allowing Remote Code Execution appeared first on Cyber Security News.
Apple launches Background Security Improvements to fix vulnerabilities in real time, starting with a WebKit flaw affecting Safari on iPhone, iPad, and Mac.
The post Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac appeared first on TechRepublic.
Microsoft’s March Patch Tuesday fixes 78 vulnerabilities, including Office preview pane flaws, an Excel Copilot data leak risk, and an AI-discovered 9.8 severity bug.
The post Patch Alert: Microsoft Fixes Nearly 80 Bugs, Including Critical Office Flaws appeared first on TechRepublic.
Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline.
The post Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack appeared first on TechRepublic.
Microsoft patched a Windows Remote Assistance flaw that lets attackers bypass Mark of the Web, weakening protections against malicious downloads and phishing files.
The post New Windows Flaw Lets Attackers Bypass Mark of the Web appeared first on TechRepublic.
Entrar