Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw

Pulse Secure has shipped a fix for a critical post-authentication remote code execution (RCE) vulnerability in its Connect Secure virtual private network (VPN) appliances to address an incomplete patch for an actively exploited flaw it previously resolved in October 2020.
“The Pulse Connect Secure appliance suffers from an uncontrolled archive extraction vulnerability which allows an attacker to