patch – Weekly Geek

OpenSSL 3 patch, once Heartbleed-level “critical,” arrives as a lesser “high”

Enlarge / The fallout of an OpenSSL vulnerability, initially listed as “critical,” should be much less severe than that of the last critical OpenSSL bug, Heartbleed. reader comments 19 with 17 posters participating Share this story An OpenSSL vulnerability once signaled as the first critical-level patch since the Internet-reshaping Heartbleed bug has just been patched.… Read More »

Severe vulnerabilities in Dell firmware update driver found and fixed

Enlarge / At least three companies have reported the dbutil_2_3.sys security problems to Dell over the past two years. reader comments 18 with 18 posters participating Share this story Yesterday, infosec research firm SentinelLabs revealed 12-year-old flaws in Dell’s firmware updater, DBUtil 2.3. The vulnerable firmware updater has been installed by default on hundreds of millions of… Read More »