サイバーヴィッシュ テクノロジーなどに関する最新の洞察とトレンド update
サイバーセキュリティ

Acer taking steps to address a security vulnerability

Acer taking steps to address a security vulnerability A firmware update has been released by Acer to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. The high-severity vulnerability tracked as CVE-2022-4020, affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as an issue that “may allow changes to Secure Boot settings by creating NVRAM variables.” ESET researcher Martin Smolár is credited with discovering the flaw , who previously disclosed similar bugs in Lenovo computers. Disabling Secure Boot, an integrity mechanism that guarantees that only trusted software […]

続きを読む
サイバーセキュリティ

The 2022 Updated version of Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

The 2022 Updated version of Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior. “Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the tech giant acknowledged in an advisory. […]

続きを読む