News
Microsoft Windows security
- August 29, 2018
29 Aug'18
Windows 10 zero-day disclosed on Twitter, no fix in sight
Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.
- April 30, 2018
30 Apr'18
Windows NTFS flaw posted after disclosure gets nowhere
Proof-of-concept code showing how an NTFS flaw can shut down Windows systems was published by a security researcher nine months after he disclosed it to Microsoft.
- April 06, 2018
06 Apr'18
Microsoft created Windows Defender flaw by breaking UnRAR code
Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights.
-
- March 28, 2018
28 Mar'18
Windows Meltdown patches open up more severe issue
A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.
- March 07, 2018
07 Mar'18
McAfee cloud security platform expands to Microsoft Azure
In its first move following the acquisition of cloud access security broker Skyhigh Networks, McAfee extended its cloud security platform to Microsoft Azure customers.
- February 15, 2018
15 Feb'18
Intel bug bounty programs widened after Meltdown and Spectre
Intel's bug bounty program expanded its scope and rewards for bugs across all Intel products, and the company added a new program for side-channel flaws like Meltdown and Spectre.
- February 14, 2018
14 Feb'18
Microsoft: Windows Analytics can detect Meltdown and Spectre exposure
Microsoft says Meltdown and Spectre vulnerabilities are now being tracked by Windows Analytics, which shows users the update status for CPU microcode and OS patches.
- December 08, 2017
08 Dec'17
Emergency Microsoft patch out for Malware Protection Engine
A critical vulnerability found in the Windows Malware Protection Engine required an emergency Microsoft patch, but one expert said Microsoft hasn't handled the announcement well.
- October 26, 2017
26 Oct'17
Windows XP patches: Did Microsoft make the right decision?
Microsoft had to make several tradeoffs when developing patches for Windows XP. Expert Nick Lewis explains what these tradeoffs were and how enterprises should respond.
- September 27, 2017
27 Sep'17
Windows digital signature bypassed with two registry edits
The DerbyCon keynote covered why security research is an approachable field, as well as how to bypass a Windows digital signature check to run unwanted code.
-
- August 11, 2017
11 Aug'17
Microsoft antivirus policy changes under Kaspersky pressure
Microsoft antivirus policy changes for Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky.
- July 25, 2017
25 Jul'17
Fancy Bear C&C servers taken down by Microsoft lawsuit
Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear.
- June 28, 2017
28 Jun'17
Petya ransomware scam: Lost files can't be restored
Researchers discovered the rash of Petya-like attacks are nothing more than a ransomware scam, and list files are impossible to restore.
- June 28, 2017
28 Jun'17
Petya-like global ransomware attack can be mitigated
A new global ransomware attack has been spreading quickly using the same exploits as WannaCry, but researchers have already found ways to protect users from the damage.
- June 27, 2017
27 Jun'17
Windows Defender bug could allow full-system takeover
A newly disclosed Windows Defender bug, which could allow an attacker to fully take over a target system and create admin accounts, marks yet another major antivirus vulnerability.