Close Menu
New York Examiner News

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Ray Ray Star to Appear on Loose Lips with Ike Avelli

    July 15, 2026

    Meshell Ndegeocello Launches New Album Featuring Bill Callahan, ANOHNI, Cat Power

    July 15, 2026

    ‘Special thanks to the Scots for drinking all the beer’: Mass. governor seals World Cup with welcoming ceremony for an orange traffic cone

    July 15, 2026
    Facebook X (Twitter) Instagram
    New York Examiner News
    • Home
    • US News
    • Politics
    • Business
    • Science
    • Technology
    • Lifestyle
    • Music
    • Television
    • Film
    • Books
    • Contact
      • About
      • Amazon Disclaimer
      • DMCA / Copyrights Disclaimer
      • Terms and Conditions
      • Privacy Policy
    New York Examiner News
    Home»Technology»Google Fixes a Seventh Zero-Day Flaw in Chrome—Update Now
    Technology

    Google Fixes a Seventh Zero-Day Flaw in Chrome—Update Now

    By AdminNovember 30, 2023
    Facebook Twitter Pinterest LinkedIn WhatsApp Email Reddit Telegram
    Google Fixes a Seventh Zero-Day Flaw in Chrome—Update Now


    Google’s Pixel devices have already received the November update, along with some additional fixes. The November Android Security Bulletin has also started to roll out to some of Samsung’s Galaxy line.

    Microsoft

    Microsoft has a Patch Tuesday every month, but November’s is worth notice. The update fixes 59 vulnerabilities, two of which are already being exploited in real-life attacks. Tracked as CVE-2023-36033, the first is an elevation of privilege vulnerability in Windows DWM Core Library marked as important, with a CVSS score of 7.8. “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft said.

    Meanwhile, CVE-2023-36036 is an elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver with a CVSS score of 7.8. Also fixed in November’s update cycle is the already exploited libWep flaw previously fixed in Chrome and other browsers, which also impacts Microsoft’s Edge, tracked as CVE-2023-4863.

    Another notable flaw is CVE-2023-36397, a remote code execution vulnerability in Windows Pragmatic General Multicast marked as critical with a CVSS score of 9.8. “When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code,” Microsoft said.

    Cisco

    Enterprise software firm Cisco has issued fixes for 27 security flaws, including one rated as critical with a near maximum CVSS score of 9.9. Tracked as CVE-2023-20048, the vulnerability in the web services interface of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to execute unauthorized configuration commands on a Firepower Threat Defense device managed by the FMC Software.

    However, to successfully exploit the vulnerability, an attacker would need valid credentials on the FMC Software, Cisco said.

    A further seven of the flaws fixed by Cisco are rated as having a high impact, including CVE-2023-20086—a denial-of-service flaw with a CVSS score of 8.6—and CVE-2023-20063, a code-injection vulnerability with a CVSS score of 8.2.

    Atlassian

    Atlassian has released a patch to fix a serious flaw already being used in real-life attacks. Tracked as CVE-2023-22518, the improper-authorization vulnerability issue in Confluence Data Center and Server is being used in ransomware attacks. “As part of Atlassian’s ongoing monitoring and investigation of this CVE, we observed several active exploits and reports of threat actors using ransomware,” it said.

    Security outfit Trend Micro reported the Cerber ransomware group is using the flaw in attacks. “This is not the first time that Cerber has targeted Atlassian—in 2021, the malware re-emerged after a period of inactivity and focused on exploiting remote code execution vulnerabilities in Atlassian’s GitLab servers,” Trend Micro said.

    All versions of Confluence Data Center and Server are affected by the flaw, which allows an unauthenticated attacker to reset Confluence and create an administrator account. “Using this account, an attacker can perform all administrative actions available to a Confluence instance administrator, leading to a full loss of confidentiality, integrity and availability,” Atlassian said.

    SAP

    Enterprise software giant SAP has released its November Security Patch Day, fixing three new flaws. Tracked as CVE-2023-31403 and with a CVSS score of 9.6, the most serious issue is an improper access control vulnerability flaw in SAP Business One. As a result of exploiting the issue, a malicious user could read and write to the SMB shared folder, the software giant said.



    Original Source Link

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Email Reddit Telegram
    Previous ArticleCicadas Are So Loud, Fiber Optic Cables Can ‘Hear’ Them
    Next Article Nikki Haley launches first campaign ad, calls for ‘moral clarity,’ moving on from ‘chaos and drama’

    RELATED POSTS

    Anthropic, Blackstone bet the next trillion-dollar AI business is implementation, not models

    July 15, 2026

    The UK Is Planning a Social Media Curfew for 16- and 17-Year-Olds

    July 15, 2026

    Telegram’s shortlink domain is back online after day-long suspension

    July 14, 2026

    The Best Movies to Stream This Month (July 2026)

    July 14, 2026

    Uber’s robotaxi lobbying effort puts it on a collision course with Waymo

    July 13, 2026

    Uber’s Autonomous Vehicle Strategy: Slow Their Adoption

    July 13, 2026
    latest posts

    Ray Ray Star to Appear on Loose Lips with Ike Avelli

    Rising rock artist Ray Ray Star is set to appear on the wildly entertaining talk…

    Meshell Ndegeocello Launches New Album Featuring Bill Callahan, ANOHNI, Cat Power

    July 15, 2026

    ‘Special thanks to the Scots for drinking all the beer’: Mass. governor seals World Cup with welcoming ceremony for an orange traffic cone

    July 15, 2026

    Trump Crashes And Burns While Dropping Demand The World Pays Him Back For Iran War

    July 15, 2026

    Ro Khanna refuses to say Oct 7 terror attacks on Israel were justified

    July 15, 2026

    Anthropic, Blackstone bet the next trillion-dollar AI business is implementation, not models

    July 15, 2026

    The Inventor of Apple’s FaceID Wants to Analyze Your Brain’s Health With AI

    July 15, 2026
    Categories
    • Books (1,367)
    • Business (6,271)
    • Events (62)
    • Film (6,207)
    • Lifestyle (4,281)
    • Music (6,327)
    • Politics (6,249)
    • Science (5,624)
    • Technology (6,203)
    • Television (5,897)
    • Uncategorized (8)
    • US News (6,258)
    popular posts

    Ukraine’s Startups Kept Innovating Through 1 Year of War

    “Many people here and across the world were pissed off about some of his posts,”…

    Apple’s M1 chips have an ‘unpatchable’ hardware vulnerability, say MIT researchers – TechCrunch

    June 10, 2022

    Report: 1 in 5 Americans Are Skipping Meals As Long Lines At Food Banks Make a Comeback Under Biden

    July 19, 2022

    Kate Winslet Explains That Bleak Ending & Herbert’s Fate

    April 8, 2024
    Archives
    Browse By Category
    • Books (1,367)
    • Business (6,271)
    • Events (62)
    • Film (6,207)
    • Lifestyle (4,281)
    • Music (6,327)
    • Politics (6,249)
    • Science (5,624)
    • Technology (6,203)
    • Television (5,897)
    • Uncategorized (8)
    • US News (6,258)
    About Us

    We are a creativity led international team with a digital soul. Our work is a custom built by the storytellers and strategists with a flair for exploiting the latest advancements in media and technology.

    Most of all, we stand behind our ideas and believe in creativity as the most powerful force in business.

    What makes us Different

    We care. We collaborate. We do great work. And we do it with a smile, because we’re pretty damn excited to do what we do. If you would like details on what else we can do visit out Contact page.

    Our Picks

    Anthropic, Blackstone bet the next trillion-dollar AI business is implementation, not models

    July 15, 2026

    The Inventor of Apple’s FaceID Wants to Analyze Your Brain’s Health With AI

    July 15, 2026

    Ex ESPN, NFL Network CEO Steve Bornstein Joins Scott Coker MMA Board

    July 15, 2026
    © 2026 New York Examiner News. All rights reserved. All articles, images, product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Terms & Conditions and Privacy Policy.

    Type above and press Enter to search. Press Esc to cancel.

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    SAVE & ACCEPT