network security

FRRouting's OSPF implementation contains a NULL-pointer dereference that can be triggered by a crafted OSPF packet, allowing remote attackers to crash the OSPF daemon (ospfd) and cause a Denial of Service (DoS) for routers and appliances using vulnerable FRR releases. Background FRRouting (FRR)...

FRRouting (FRR) versions from v4.0 through v10.4.1 contain a NULL pointer dereference in the OSPF code that can be triggered by a crafted OSPF packet, allowing an attacker to crash the ospfd daemon and cause a Denial of Service (DoS) across affected deployments. Background FRRouting (commonly...

The Linux kernel patch for CVE-2025-38350 fixes a subtle but recurring logic gap in the traffic‑control (net/sched) classful qdisc handling that can lead to a use‑after‑free when a child qdisc unexpectedly goes empty during an enqueue operation, and operators should treat multi‑tenant and...

Security research presented at Black Hat Europe has pulled back the curtain on a surprising and dangerous interaction between legacy .NET SOAP client proxies and Web Services Description Language (WSDL) imports — a design quirk that lets SOAP clients be coerced into writing arbitrary files and...

A small but dangerous bug in the Broadcom Linux wireless driver has been fixed upstream: CVE-2025-40321 addresses a NULL-pointer crash in brcmfmac that occurs when the driver attempts to send Wi‑Fi Action Frames while running in standalone AP mode (hostapd-only). The flaw can be triggered by an...

The Linux kernel has been assigned CVE-2025-40297 after syzbot reported a use‑after‑free in the bridge code that could be triggered when Multiple Spanning Tree (MST) handling bypasses a port’s state during deletion, allowing FDB learning to race with port teardown; upstream maintainers fixed the...

Windows Defender Firewall is the first line of defense for most Windows 11 PCs, but the built‑in rules and automatic prompts don’t always match every app’s needs — when that happens you must add a manual exception. PCWorld’s short, step‑by‑step walkthrough is a useful quick reference for the...

A focused, low‑risk kernel hardening landed as CVE‑2025‑40170: maintainers switched several network call paths to RCU‑aware device access (use of dst_dev_rcu to remove transient pointer races in sk_setup_caps and a handful of related functions, closing a window that could cause kernel oopses or...

Windows 11’s built‑in firewall remains the single most effective host‑level control for stopping unsolicited network access, and the eight practical steps in the provided guide distill what every user and admin should do to keep that first line of defense both effective and manageable...

Microsoft’s Azure platform successfully detected and neutralized a record-breaking distributed denial-of-service (DDoS) attack in late October, a multi-vector assault that peaked at 15.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps) — the largest single cloud-based...

Which? has told consumers to take “extreme caution” with older Windows machines — and, in blunt terms, to disconnect unsupported Windows PCs from the Internet if they cannot be upgraded or patched. The consumer watchdog’s advice is stark because the technical reality is simple: once Microsoft...

DNS over HTTPS is the small-but-powerful change to how your PC asks the internet “where is this website?” — and it’s the reason privacy advocates, network admins, schools, and governments keep arguing about who should be allowed to see that answer. Background: why DNS matters (and why you should...

Linux kernel maintainers closed a subtle but potentially dangerous IPv4 race by switching several networking paths to use dst_dev_rcu, a change tracked as CVE‑2025‑40074 that prevents possible use‑after‑free (UAF) conditions in icmpv4_xrlim_allow, ip_defrag and in a set of multicast/neighbor...

For privacy-conscious Windows users, encrypting DNS in Windows 11 is one of those rare, high-impact, low-effort settings that delivers real protection with almost no downside — and it’s now easier to enable system‑wide than most people realize. The recent How‑To Geek walkthrough frames the...

Westermo’s industrial networking OS, WeOS 5, contains a remote-denial vulnerability that can trigger an immediate reboot when the device is configured for IPsec and sent a carefully crafted Encapsulating Security Payload (ESP) packet — an issue tracked as CVE‑2025‑46419 and documented by both...

Windows Server 2019 ships with Remote Desktop (RDP) capability turned off by default for safety; enabling it is simple but needs care. This feature piece walks through three reliable methods to enable Remote Desktop on Windows Server 2019 — PowerShell, Server Manager GUI, and the System...

SonicWall has confirmed a cloud‑backup compromise that exposed firewall configuration preference files stored in certain MySonicWall accounts, and customers who used the service are being urged to act immediately to contain and remediate potential follow‑on attacks. SonicWall’s notice —...

Microsoft’s October deadline for Windows 10 support has arrived like a ringing bell for an industry that—by several measures—wasn’t ready: large numbers of consumer and corporate endpoints still run Windows 10, many organisations face compatibility and budget constraints, and the safety net...

Microsoft’s September Patch Tuesday delivered a broad, operationally important set of security updates on September 9, 2025, covering Windows, Microsoft Office, SQL Server and related platform components — with industry trackers reporting roughly 80–86 CVEs patched and several high‑priority...

Microsoft’s Security Response Center has cataloged CVE-2025-54915 as an elevation-of-privilege vulnerability in the Windows Defender Firewall Service described as “Access of resource using incompatible type (‘type confusion’),” and the vendor advises that an authorized local attacker could...