A security issue has been identified in YubiKey Manager GUI which could lead to unexpected privilege escalation on Windows. If a user runs the YubiKey Manager GUI as Administrator, browser windows opened by YubiKey Manager GUI may be opened as Administrator which could be exploited by a local attacker to perform actions as Administrator. Under this circumstance, some browsers like Edge for example, have additional mitigations to prevent opening as Administrator.
Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.
Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as ProxyNotShell.
