Administered by:
#patchtuesday
https://www.europesays.com/de/342692/ Microsoft schließt sechs von Check Point entdeckte Sicherheitslücken – Netzpalaver #CheckPoint #Cybersecurity #Cybersicherheit #Deutschland #Germany #PatchTuesday #Rust #Schwachstelle #Science #Science&Technology #Sicherheitslücke #Technik #Technology #Wissenschaft #Wissenschaft&Technik
PAN finally published their August advisory and they have some interesting ones. Remember that they use CVSS-BT to make their score "more accurate" ( read: lower ).
F5 put out their quarterly advisory, including a KB for MadeYouReset.
Late Patch Tuesday entry for GitLab. They released published four sev:HIGH CVEs among some other, lower severity ones.
https://about.gitlab.com/releases/2025/08/13/patch-release-gitlab-18-2-2-released/
Today's top ten tag trends:
10: #PatchTuesday
9: #自分よりも身長が高い人はフォローしてくれるらしい
8: #TextureTuesday
7: #WorldElephantDay
6: #ThickTrunkTuesday
5: #taylorswift
4: #palettemusic
3: #tercinema
2: #TuneTuesday
1: #mountainsongsorpoems
The #August2025 Patch Tuesday update addressed 111 vulnerabilities, including fixes for a zero-day vulnerability in Windows Kerberos (CVE-2025-53779). Read details:
https://windows101tricks.com/microsoft-patch-tuesday-review/
#NEWS #Updates #TechNews #tech #Windows11 #windows10 #Microsoft #patchtuesday #technology
Microsoft Patch Tuesday for August 2025 — Snort rules and prominent vulnerabilities - Microsoft has released its monthly security update for August 2025, which includes 111 vu... https://blog.talosintelligence.com/microsoft-patch-tuesday-august-2025/ #patchtuesday
Patch your Chromes. No mention of ITW exploitation.
https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html
There's Fortinet's advisories. I knew they had to have some.
The only interesting ones to me on first glance are a couple sev:HIGH auth bypasses in FortiWeb ( https://www.fortiguard.com/psirt/FG-IR-25-448 ) and FortiOS ( https://www.fortiguard.com/psirt/FG-IR-24-042 ) and an ITW sev:CRIT preauth command injection in FortiSIEM that looks nice ( https://www.fortiguard.com/psirt/FG-IR-25-152 ).
Oh look, Adobe published theirs at a reasonable hour this month too. Which is good because there are a lot there. And it appears almost all of them are listed as sev:CRIT.
Microsoft patches are out. The only one listed as publicly disclosed is a PrivEsc in Kerberos ( https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53779 ) and no EITW CVEs. I'm not saying I doubt them but I am definitely skeptical.
Intel published their August advisories. I like y'all but I'm not digging through all that for you.
https://www.intel.com/content/www/us/en/security-center/default.html
Go hack more AI shit.
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2264930
LMAO.
https://support.checkpoint.com/results/sk/sk183761
The agent used a shared SFTP key embedded in the software to upload diagnostic logs. The key was granted permission to read and list files on the server, rather than restricted to upload-only access. As a result, anyone possessing the key could access log files uploaded by other customers.
Ivanti is on the board with their August advisories. But good news!
We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure.
https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-CVE-2025-8296-CVE-2025-8297
AMI published a couple CVEs in their Aptio V UEFI.
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025006.pdf
SolarWinds published a CVE that's not listed in the advisories on their site yet. Normally IDGAF about their stuff but hardcoded creds and keys are a big no-no and so easily avoided. This one is in Database Performance Analyzer.