Latest Kernel news

Windows Kernel bug fixed last month exploited as zero-day since August

Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day.
- Sergiu Gatlan
- March 02, 2024
- 10:09 AM
- 0
CISA warns of patched iPhone kernel bug now exploited in attacks

CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks.
- Sergiu Gatlan
- January 31, 2024
- 02:02 PM
- 0
Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.
- Sergiu Gatlan
- October 12, 2023
- 12:40 PM
- 0
Apple emergency update fixes new zero-day used to hack iPhones

Apple released new emergency security updates on Wednesday to patch two new zero-day vulnerabilities known to be exploited in attacks.
- Sergiu Gatlan
- October 04, 2023
- 02:19 PM
- 9
Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone

Microsoft has enabled a fix for a Kernel information disclosure vulnerability by default for everyone after previously disabling it out of concerns it could introduce breaking changes to Windows.
- Lawrence Abrams
- August 14, 2023
- 02:13 PM
- 3
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws

Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices.
- Bill Toulas
- July 26, 2023
- 02:51 PM
- 0
Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole.
- Bill Toulas
- July 11, 2023
- 01:00 PM
- 1
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default

Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including the latest Windows 10, Windows Server, and Windows 11 releases.
- Sergiu Gatlan
- June 14, 2023
- 05:43 PM
- 4
Microsoft tests live kernel memory dumps in Windows 11 Task Manager

Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows.
- Mayank Parmar
- January 12, 2023
- 04:59 PM
- 1
Microsoft-signed malicious Windows drivers used in ransomware attacks

Microsoft has revoked several Microsoft hardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents.
- Lawrence Abrams
- December 13, 2022
- 06:10 PM
- 0
Windows 11 22H2 adds kernel exploit protection to security baseline

Microsoft has released the final version of security configuration baseline settings for Windows 11, version 22H2, downloadable today using the Microsoft Security Compliance Toolkit.
- Sergiu Gatlan
- September 20, 2022
- 05:20 PM
- 0
NVIDIA has open-sourced its Linux GPU kernel drivers

NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable.
- Bill Toulas
- May 12, 2022
- 10:31 AM
- 1
HP fixes bug letting attackers overwrite firmware in over 200 models

HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which might allow arbitrary code execution.
- Bill Toulas
- May 11, 2022
- 11:53 AM
- 0
Google almost doubles Linux Kernel, Kubernetes zero-day rewards

Google says it bumped up rewards for reports of Linux Kernel, Kubernetes, Google Kubernetes Engine (GKE), or kCTF vulnerabilities by adding bigger bonuses for zero-day bugs and exploits using unique exploitation techniques.
- Sergiu Gatlan
- February 15, 2022
- 03:38 PM
- 0
Dell driver fix still allows Windows Kernel-level attacks

Dell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution.
- Bill Toulas
- December 13, 2021
- 03:21 PM
- 1
New Linux kernel bug lets you get root on most modern distros

Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices.
- Sergiu Gatlan
- July 20, 2021
- 12:21 PM
- 0
Microsoft's new project ports Linux eBPF to Windows 10, Server

Microsoft has launched a new open-source project that aims to add to Windows the benefits of eBPF, a technology first implemented in Linux that allows attaching programs in both kernel and user applications.
- Ionut Ilascu
- May 12, 2021
- 11:09 AM
- 0
Linux bans University of Minnesota for committing malicious code

Linux kernel project maintainers have imposed a ban on the University of Minnesota (UMN) from contributing to the open-source Linux project after a group of UMN researchers were caught submitting a series of malicious code commits, or patches that deliberately introduced security vulnerabilities in the official Linux project.
- Ax Sharma
- April 21, 2021
- 01:08 PM
- 1
Google funds Linux maintainers to boost Linux kernel security

Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers' efforts as full-time maintainers exclusively focused on improving Linux security.
- Sergiu Gatlan
- February 24, 2021
- 01:48 PM
- 1
Microsoft fixes Windows zero-day disclosed by Google last month

Microsoft has fixed today a Windows kernel zero-day vulnerability exploited in the wild as part of targeted attacks and publicly disclosed by Project Zero, Google's 0day bug-hunting team, last month.
- Sergiu Gatlan
- November 10, 2020
- 01:50 PM
- 0