Telegram fixes Windows app zero-day used to launch Python scripts
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. [...]
Stay informed on infosec trends, threats, and strategies with the latest updates and expert insights in Information Security.
Search across headline titles and summaries.
Background for this topic.
Fixed is a status indicating that a security issue has been addressed through a corrective change, such as a software patch, code change, configuration update, or removal of an affected component. In vulnerability tracking, it usually describes the issue under specified conditions and versions; it does not automatically prove that every affected asset has been updated or that exploitation is impossible.
For vulnerability management, practitioners should verify the fix’s scope, deployment, and effectiveness through testing, rescanning, or other evidence. Incomplete rollout, an overlooked instance, a dependent vulnerable component, or a regression can leave exposure despite a “Fixed” label. Records should distinguish fixed from mitigated or accepted, identify affected assets and versions, and retain validation dates. If the issue was exploited before remediation, fixing it does not establish that an attacker’s access or changes have been removed; that requires separate investigation.
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. [...]
Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. [...]
High-profile individuals including MPs said to be caught up in leak Exclusive Taxi software biz iCabbi recently fixed an issue that exposed the personal information of nearly 300,000 individuals via an unprotected database.…
NYC's New Chatbot, Hallucinating LLMs Just Can't Be Fixed, Says Linguistics ExpertEmployers can now fire an employee who complains about sexual harassment, take a cut of their workers' tips and serve customers cheese nibbled on by rats: at least according to advice doled out by New York City's AI chatbot meant to help small business owners navigate the city's bureaucratic maze.
Poorly implemented rule allowed miscreants to deceive users with trusted URLs Elon Musk's X has apparently fixed an embarrassing issue implemented earlier in the week that royally bungled URLs on the social media platform formerly known as Twitter.…
Plus: Adobe, SAP, Fortinet, VMware, Cisco issue pressing updates Patch Tuesday Microsoft fixed 149 security flaws in its own products this week, and while Redmond acknowledged one of those vulnerabilities is being actively exploited, we've been told another hole is under attack, too.…
Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. [...]
If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month's patch batch -- a record 147 flaws in Windows and related software.
Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices