Tag Archive for: March’s

For March’s Patch Tuesday, no zero-day flaws

/in


Microsoft this week pushed out 61 Patch Tuesday updates with no reports of public disclosures or other zero-days affecting the larger ecosystem (Windows, Office, .NET). Though there are three updated packages from February, they’re just informational changes with no further action is required.

The team at Readiness has crafted this helpful infographic outlining the risks associated with each of the March updates.

Known issues

Each month, Microsoft publishes a list of known issues that relate to the operating system and platforms included in the latest update cycle; for March, there are two minor issues reported:

  • Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or see other icon alignment issues when attempting to use Copilot in Windows. Microsoft is still working on the issue.
  • For Exchange Server, Microsoft published an advisory note: after you install the latest security update there is no longer support for the Oracle OutsideIn Technology (OIT) or OutsideInModule. For more information, see this service update.

February was not a great month for how Microsoft communicated updates and revisions. With March being an exceptionally light month for reported “known issues” for desktop and server platforms, our team found no documentation issues. Good job Microsoft!

Major revisions

This month, Microsoft published the following major revisions to past security and feature updates including:

  • CVE-2024-2173, CVE-2024-2174, and CVE-2024-2176: Chromium: CVE-2024-2173 Out of bounds memory access in V8. These updates relate to recent security patches for the Chromium browser project at Microsoft. No further action required.

Mitigations and workarounds

Microsoft released these vulnerability-related mitigations for this month’s release cycle: 

  • CVE-2023-28746 Register File Data Sampling (RFDS). We are not certain how to categorize this update from Intel, as it relates to a hardware issue with certain Intel chipsets. The mitigation for this vulnerability requires a firmware update, and a corresponding Windows update enables this third-party firmware-based mitigation. More information can be…

Source…

March’s Android Security Update Goes Live for Nexus, Pixel Devices

/in

  1. March’s Android Security Update Goes Live for Nexus, Pixel Devices  Droid Life

  2. March security patches now available for Pixels and Nexus phones; expect your OTA soon  Android Central
  3. Google posts March 2018 Android security bulletin, factory images, and OTA files  androidandme.com

    4. Full coverage

android security news – read more

March’s Android Security Update Kicks Off Today With Factory Images (Updated) – Droid Life (press release) (blog)

/in

Droid Life (press release) (blog)

March's Android Security Update Kicks Off Today With Factory Images (Updated)
Droid Life (press release) (blog)
This month's Android security update will start rolling out shortly, now that factory images for the update have been posted by Google. At this time, the Nexus 6P is missing a new image , but we have files for the Pixel C (MXC14G), Nexus 5X (MMB29V and …
Google splats more bad Android security bugs with patches your mobe will probably never seeThe Register
Google Releases March Android Security Update for Nexus DevicesNDTV
Nexus Devices Get March Android Security Update With Some Critical FixesMobiPicker
Lawyer Herald –Softpedia News –Phandroid.com –Google Developers
all 180 news articles »

“android security” – read more