Morning Overview on MSN

CISA added the actively exploited Windows Netlogon flaw to its must-patch catalog, ordering federal agencies to fix domain controllers now

Federal agencies running Windows domain controllers face a hard deadline after the Cybersecurity and Infrastructure Security ...
SecurityWeek

Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches

A stack-based buffer overflow vulnerability in HP VoIP phones allows remote attackers to execute arbitrary code with root ...
Bleeping Computer

Ivanti Avalanche impacted by critical pre-auth stack buffer overflows

Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide range ...
Bleeping Computer

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

Kernel-mode Hardware-enforced Stack Protection is a security feature introduced in Windows 11 22H2 that protects systems from various memory attacks, such as stack buffer overflows. Microsoft added ...
Threat Post

New Spectre-Level Flaw Targets Return Stack Buffer

The most recent Spectre-class flaw targets a component in CPUs called the return stack buffer. Researchers have discovered yet another speculative execution side-channel flaw enabling attackers to ...