Article Details
Scrape Timestamp (UTC): 2026-02-11 13:33:05.559
Source: https://thehackernews.com/2026/02/over-60-software-vendors-issue-security.html
Original Article Text
Click to Toggle View
Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms. It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere, Adobe released updates for Audition, After Effects, InDesign Desktop, Substance 3D, Bridge, Lightroom Classic, and DNG SDK. The company said it's not aware of in-the-wild exploitation of any of the shortcomings. SAP shipped fixes for two critical-severity vulnerabilities, including a code injection bug in SAP CRM and SAP S/4HANA (CVE-2026-0488, CVSS score: 9.9) that an authenticated attacker could use to run an arbitrary SQL statement and lead to a full database compromise. The second critical vulnerability is a case of a missing authorization check in SAP NetWeaver Application Server ABAP and ABAP Platform (CVE-2026-0509, CVSS score: 9.6) that could permit an authenticated, low-privileged user to perform certain background Remote Function Calls without the required S_RFC authorization. "To patch the vulnerability, customers must implement a kernel update and set a profile parameter," Onapsis said. "Adjustments in user roles and UCON settings might be required to not interrupt business processes." Rounding off the list, Intel and Google said they teamed up to examine the security of Intel Trust Domain Extensions (TDX) 1.5, uncovering five vulnerabilities in the module (CVE-2025-32007, CVE-2025-27940, CVE-2025-30513, CVE-2025-27572, and CVE-2025-32467), and nearly three dozen weaknesses, bugs, and improvement suggestions. "Intel TDX 1.5 introduces new features and functionality that bring confidential computing significantly closer to feature parity with traditional virtualization solutions," Google said. "At the same time, these features have increased the complexity of a highly privileged software component in the TCB [Trusted Computing Base]." Software Patches from Other Vendors Security updates have also been released by other vendors in recent weeks to rectify several vulnerabilities, including —
Daily Brief Summary
Over 60 software vendors, including Microsoft, Adobe, and SAP, issued security patches addressing multiple vulnerabilities across their platforms during the latest Patch Tuesday.
Microsoft patched 59 vulnerabilities, with six zero-days actively exploited in the wild, affecting Windows components, potentially leading to privilege escalation and denial-of-service attacks.
Adobe updated several products, including Audition and After Effects, though no active exploitation of these vulnerabilities has been reported.
SAP addressed two critical vulnerabilities in its CRM and S/4HANA systems, which could allow attackers to execute arbitrary SQL statements and compromise databases.
Intel and Google collaborated to identify five vulnerabilities in Intel Trust Domain Extensions 1.5, highlighting increased complexity in confidential computing environments.
Organizations are advised to implement these patches promptly to mitigate potential risks and ensure business continuity.
The ongoing need for robust patch management strategies is evident as vulnerabilities continue to emerge across diverse software ecosystems.