Microsoft
Attackers can bypass Windows’ protections by changing a single bit
Among the many vulnerabilities that Microsoft patched on Tuesday is one that can be exploited to bypass all Windows security measures by, curiously enough, modifying a single …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
Corporate users hit with fake Microsoft email delivering sneaky malware
A well-crafted and extremely legit-looking spam email campaign is currently targeting corporate users around the world, ultimately leading the victims to difficult-to-detect …
Analysis of 2014 Microsoft patch trend data
Tripwire announced an analysis of Microsoft patch data from 2014. “The 2014 data clearly shows that Microsoft is packing in more CVEs per bulletin in 2014,” said …
Outlook for iOS breaks company security, developer warns
One the same day that Microsoft released its new Outlook app for iOS, a developer has warned that it breaks corporate security in multiple ways. René Winkelmeyer, Head of …
Supposedly clean Office documents download malware
Bitdefender is warning Microsoft Office users against the emergence of a new spam campaign that is looking to trick antispam filters in order to allow spam to pass freely into …
Microsoft releases Sysmon 2.0
Sysmon is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows …
January’s Patch Tuesday marks the start of a new era
Microsoft’s January 2015 patch Tuesday marks the start of a new era. It seems that Microsoft’s trend towards openness in security has reversed and the company that …
Unfazed by Microsoft’s criticism, Google discloses another Windows 8.1 flaw
Google apparently has no mercy for Microsoft’s developers, and is determined to stick to its 90-day deadline for fixing software flaws, as it publicly released details …
Microsoft scolds Google for lack of flexibility in vulnerability disclosure
Microsoft is not pleased with Google’s recent release of the details of a zero-day Windows 8.1 vulnerability and the code that can be used to exploit it, and has …
Pre-Patch Tuesday alerts no longer publicly available
Microsoft’s Advanced Notification Service (ANS), which for over a decade provided advanced warning about the patches and updates that the company would push out on its …
Microsoft released seven advisories, three are critical
December’s Patch Tuesday brings us seven advisories, three of which are listed as Critical. Depending on how you want to count it, we see a total of 24 or 25 CVEs …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility