Last week, several critical vulnerabilities were disclosed for Dell, WinRAR and Apple, and a recent Google breach offered an important lesson.
WinRAR:
WinRAR is a file compression utility that was leveraged by bad actors to attack financial, manufacturing, defense, and logistics companies in Europe and Canada. The malicious RAR archives were sent out as attachments in an email phishing campaign in which the attackers posed as job applicants and included their supposed resumes. The exploit allowed the attacker to access and exfiltrate file data on targeted systems.
Dell:
On June 13th, Dell became aware of a vulnerability present in many Latitude and Pro model business laptops that could allow an attacker to modify the firmware of the Broadcom ControlVault hardware. This hardware is used to store critical security information such as biometrics and passwords. The flaw could allow an attacker to take full control of the computer and persist even after the reinstallation of the operating system. Dell firmware updates are being delivered through Windows Update.
Apple:
Apple released critical security updates for iOS devices (iPhone, iPad, Watch, etc.) to address a browser security issue impacting Safari and Apple web-connected programs that could allow an attacker to falsify a web address and steal data from the device.
Google Breach (Salesforce):
In June, one of Google’s corporate Salesforce databases was compromised, with data being exfiltrated by a bad actor. This was accomplished primarily through social engineering, with the attacker calling a Google employee and posing as IT support. The attacker assisted the victim with loading a version of Salesforce Data Loader, a legitimate Salesforce software package used within Google, that the attackers had modified to allow data access and exfiltration. Google has since secured its systems and notified impacted customers, but this serves as a stark reminder of the risks of social engineering and the sophistication of attackers.
What do I need to do?
For our clients who subscribe to our security and management tools, your Windows and Apple computers should have begun receiving updates last week. Users should complete the installation of patches when prompted and not delay or defer them.
Specifically, users should take the following actions:
- All Windows and Mac users should complete the installation of patches when prompted and not delay. Updates can be manually installed following the directions below:
- Users should check for and install updates for all Apple iOS devices.
- Business leaders should review their procedures and training around IT communications to ensure that clear expectations are in place with a process for verifying inbound calls and prompts. There should be onboarding and annual staff training to educate and reinforce these policies and procedures.
Additional Resources and Details:
- WinRAR: https://www.malwarebytes.com/blog/news/2025/08/winrar-vulnerability-exploited-by-two-different-groups
- Dell: https://www.bleepingcomputer.com/news/security/revault-flaws-let-hackers-bypass-windows-login-on-dell-laptops/
- Apple: https://www.bleepingcomputer.com/news/security/apple-patches-security-flaw-exploited-in-chrome-zero-day-attacks/
- Google: https://cloud.google.com/blog/topics/threat-intelligence/voice-phishing-data-extortion
As always, if you have any questions or concerns about this latest security disclosure, please feel free to reach out.