Three radiation monitoring device vendors will not patch a handful of vulnerabilities that could be abused by hackers, including a backdoor that affords high privileges on one device.
Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON.
Researcher Paulos Yibelo said that Dashlane elected not to patch a vulnerability he disclosed more than a year ago in all versions of the password manager application.
Tens of millions of products ranging from airport surveillance cameras, sensors, networking equipment and IoT devices are vulnerable to a flaw that allows attacks to remotely gain control over devices or crash them.
Oracle today in its Critical Patch Update addressed a critical vulnerability in its Oracle E-Business Suite of business applications that allows for the download of business documents.