zero-day (2)

12639836274?profile=RESIZE_400xIt is being reported that Apple has declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab.  This after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.

A spokesperson for Kaspersky Lab said that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team ref

11137467285?profile=RESIZE_400xMultiple vulnerabilities have been recently discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user.  Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.[1]