CISA flags up actively exploited Google Chrome and Excel flaws

CISA's directive gives federal agencies until 23rd January to implement measures against these vulnerabilities

clock • 2 min read
CISA flags up actively exploited Google Chrome and Excel flaws
Image:

CISA flags up actively exploited Google Chrome and Excel flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalogue to include two actively exploited bugs flaws found in Google Chrome and open-source Perl library.

These vulnerabilities, if left unaddressed, pose significant cybersecurity risks to users and organisations, the agency warned. The first vulnerability, identified as CVE-2023-7024, is a heap bu...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
IT Essentials: Sun, stress and security

Management

Burnout is the scourge of UK cyber - don't let it ruin your holidays

clock 20 May 2024 • 3 min read
Russian criminals use Lunar malware to breach European government agency

Threats and Risks

Attackers thought to be part of Russia's FSB

clock 17 May 2024 • 2 min read
NCSC CTO: UK tech sector not incentivising companies to build secure software

Security Technology

Calls for market reform to usher in secure future tech

clock 17 May 2024 • 2 min read

More on Threats and Risks

Deepfake fraud costs engineering giant Arup £20m

Deepfake fraud costs engineering giant Arup £20m

An employee was tricked into participating in a video conference, featuring a digitally recreated version of the CFO

clock 20 May 2024 • 2 min read
Russian criminals use Lunar malware to breach European government agency

Russian criminals use Lunar malware to breach European government agency

Attackers thought to be part of Russia's FSB

Tom Allen
clock 17 May 2024 • 2 min read
Microsoft May Patch Tuesday fixes two actively exploited zero days

Microsoft May Patch Tuesday fixes two actively exploited zero days

Microsoft has fixed 60 Windows CVEs in its May Patch Tuesday update, two of which are actively exploited zero days. One is a critical vulnerability, earning an 8.8 CVSS rating.

John Leonard
clock 15 May 2024 • 3 min read