"CISA Warns of Actively Exploited Windows, Sophos, and Oracle Bugs"

The Cybersecurity and Infrastructure Security Agency (CISA) has added three security issues affecting Microsoft devices, a Sophos product, and an Oracle enterprise solution to its catalog of Known Exploited Vulnerabilities (KEV). The KEV catalog contains flaws that have been confirmed to be exploited by hackers in attacks. It serves as a repository for vulnerabilities that companies worldwide should prioritize. While CISA's KEV catalog is primarily for US federal agencies, it can serve as an alert system for companies to take the necessary measures to update their systems or apply vendor-recommended mitigations against exploited vulnerabilities. This article continues to discuss the actively exploited Windows, Sophos, and Oracle bugs added to CISA's KEV catalog.

Bleeping Computer "CISA Warns of Actively Exploited Windows, Sophos, and Oracle Bugs"

Submitted by grigby1