Microsoft Addresses New Watering Hole Attack in the November, 2013 Security Bulletin Release
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer and Office as part of the Microsoft Security Bulletin Summary for November, 2013. These vulnerabilities could allow remote code execution, elevation of privilege, information disclosure or denial of service. The November Security Bulletin includes a patch for the new “watering hole” campaign which utilizes a US-based website that specializes in domestic and international security policy.
US-CERT encourages users and administrators to review the bulletin and follow best practice security policies to determine which updates should be applied.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-41940 WebPros…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-1708 ConnectWise ScreenConnect Path…