Google Issues Emergency Patch for Chrome Zero-Day (CVE-2024-7965)

A vibrant red image with the Chrome browser logo in the center. Text at the bottom reads Chrome Zero-Day (CVE-2024-7965) and Upwind in the top right corner.

Overview On July 30, 2024, a critical zero-day vulnerability (CVE-2024-7965) was discovered in Google Chrome’s V8 JavaScript engine. Google swiftly responded with an emergency patch after confirming that this flaw was being actively exploited in the wild. On August 26, 2024, Google released a new Chrome version addressing this issue that all Chrome users should […]

CVE-2024-3094: How to Protect Against the SSHD Backdoor Found in XZ Utilities

A beach scene with palm trees and a surfboard in the background. In the foreground, a red sign displays a warning about the critical vulnerability XZ Utils SSHD Backdoor with CVE-2024-3094, and the Upwind logo is in the top right corner.

CVE: CVE-2024-3094 Affected versions: 5.6.0, 5.6.1 Affected Distributions: Fedora 41, Fedora Rawhide, Alpine, openSUSE, Debian experimental distributions versions 5.5.1alpha-0.1 to 5.6.1-1. On March 29, 2024, CISA warned of a malicious backdoor in the popular data compression software library XZ Utils. The vulnerability has been designated as CVE-2024-3094, and has been assigned a CVSS (Common Vulnerability […]