News

Microsoft Windows security

• March 11, 2020 11 Mar'20

  Microsoft discloses wormable SMBv3 flaw without a patch

  Microsoft disclosed a new remote code execution vulnerability associated with the Microsoft Server Message Block 3.1.1 (SMBv3) protocol, but there's currently no patch available.

• August 29, 2018 29 Aug'18

  Windows 10 zero-day disclosed on Twitter, no fix in sight

  Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.

• April 30, 2018 30 Apr'18

  Windows NTFS flaw posted after disclosure gets nowhere

  Proof-of-concept code showing how an NTFS flaw can shut down Windows systems was published by a security researcher nine months after he disclosed it to Microsoft.

• April 06, 2018 06 Apr'18

  Microsoft created Windows Defender flaw by breaking UnRAR code

  Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights.

• March 28, 2018 28 Mar'18

  Windows Meltdown patches open up more severe issue

  A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.

• March 07, 2018 07 Mar'18

  McAfee cloud security platform expands to Microsoft Azure

  In its first move following the acquisition of cloud access security broker Skyhigh Networks, McAfee extended its cloud security platform to Microsoft Azure customers.

• February 15, 2018 15 Feb'18

  Intel bug bounty programs widened after Meltdown and Spectre

  Intel's bug bounty program expanded its scope and rewards for bugs across all Intel products, and the company added a new program for side-channel flaws like Meltdown and Spectre.

• February 14, 2018 14 Feb'18

  Microsoft: Windows Analytics can detect Meltdown and Spectre exposure

  Microsoft says Meltdown and Spectre vulnerabilities are now being tracked by Windows Analytics, which shows users the update status for CPU microcode and OS patches.

• December 08, 2017 08 Dec'17

  Emergency Microsoft patch out for Malware Protection Engine

  A critical vulnerability found in the Windows Malware Protection Engine required an emergency Microsoft patch, but one expert said Microsoft hasn't handled the announcement well.

• October 26, 2017 26 Oct'17

  Windows XP patches: Did Microsoft make the right decision?

  Microsoft had to make several tradeoffs when developing patches for Windows XP. Expert Nick Lewis explains what these tradeoffs were and how enterprises should respond.

• September 27, 2017 27 Sep'17

  Windows digital signature bypassed with two registry edits

  The DerbyCon keynote covered why security research is an approachable field, as well as how to bypass a Windows digital signature check to run unwanted code.

• August 11, 2017 11 Aug'17

  Microsoft antivirus policy changes under Kaspersky pressure

  Microsoft antivirus policy changes for Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky.

• July 25, 2017 25 Jul'17

  Fancy Bear C&C servers taken down by Microsoft lawsuit

  Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear.

• June 28, 2017 28 Jun'17

  Petya ransomware scam: Lost files can't be restored

  Researchers discovered the rash of Petya-like attacks are nothing more than a ransomware scam, and list files are impossible to restore.

• June 28, 2017 28 Jun'17

  Petya-like global ransomware attack can be mitigated

  A new global ransomware attack has been spreading quickly using the same exploits as WannaCry, but researchers have already found ways to protect users from the damage.

• June 27, 2017 27 Jun'17

  Windows Defender bug could allow full-system takeover

  A newly disclosed Windows Defender bug, which could allow an attacker to fully take over a target system and create admin accounts, marks yet another major antivirus vulnerability.

• June 15, 2017 15 Jun'17

  Microsoft to disable SMBv1 by default in fall Windows updates

  Microsoft claims recent WannaCry attacks did not influence the decision to disable SMBv1 by default in the next major Windows updates.

• April 18, 2017 18 Apr'17

  Shadow Brokers' Windows exploits target unsupported systems

  A new release of NSA cyberweapons falls flat, as Windows exploits from the Shadow Brokers have mostly been patched. But unsupported systems are still at risk.

• April 14, 2017 14 Apr'17

  Shadow Brokers release SWIFT banking and Windows exploits

  The Shadow Brokers released another cache of cyberweapons linked to the Equation Group, including Windows exploits and attack details for the SWIFT banking system.

• April 12, 2017 12 Apr'17

  Security Update Guide brings growing pains to Patch Tuesday

  Microsoft fundamentally changes how IT pros will consume Patch Tuesday releases with the Security Update Guide and brings fixes for an actively exploited Word zero-day.

• April 07, 2017 07 Apr'17

  Windows 10 telemetry data collection details revealed

  Microsoft exposes Windows 10 telemetry practices just a week before Creators Update; may allay privacy concerns over Windows 10 data collection.

• January 25, 2017 25 Jan'17

  Risk & Repeat: Windows SMB warning raises questions, concerns

  In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the Shadow Brokers' alleged exploit for Windows SMB and what it means for both enterprises and Microsoft.

• January 25, 2017 25 Jan'17

  Project Zero finds Cisco WebEx vulnerability in browser extensions

  A critical Cisco WebEx vulnerability in the service's browser extensions was discovered and patched, though some disagree the patch goes far enough to protect against attack.

• January 19, 2017 19 Jan'17

  Windows 10 security tackles exploits, while Windows 7 gets a warning

  As Microsoft touted its Windows 10 security features defeating unpatched zero-day vulnerabilities, it also warned customers about security issues with Windows 7.

• January 19, 2017 19 Jan'17

  US-CERT reminds users that Windows SMB v1 needs to die

  Experts say US-CERT is taking advantage of a potential -- but unverified -- vulnerability in Windows SMB v1 to remind enterprise users the outdated service should be disabled.

• November 11, 2016 11 Nov'16

  Pawn Storm APT ramps up attacks after Google's zero-day disclosure

  Roundup: Russia-based APT group Pawn Storm expands spear-phishing attacks after Google's disclosure of a Windows zero-day. Plus, OpenSSL updates, IoT security and more.

• November 03, 2016 03 Nov'16

  Experts question Microsoft's Windows zero-day response

  A Windows zero-day disclosed by Google caught Microsoft between patch cycles, and experts questioned whether Microsoft downplayed the severity of the vulnerability.

• November 02, 2016 02 Nov'16

  Microsoft claims Windows zero-day exploited by Russian state actors

  Google disclosed an unpatched Windows zero-day vulnerability, which Microsoft claims is actively being exploited by a Russian APT group connected to the DNC hack.

• October 28, 2016 28 Oct'16

  Windows atom tables vulnerable to code-injection attack

  A new attack, called AtomBombing, allows malicious code injection into atom tables by a threat actor. And while all versions of Windows are vulnerable to attack, no patch will fix the flaw.

• October 27, 2016 27 Oct'16

  Adobe Flash patch for Flash zero-day exploit on Windows

  Surprise! It's time, again, for another critical Adobe Flash patch to fix a remote code execution vulnerability reported by the Google Threat Analysis Group.

• October 19, 2016 19 Oct'16

  Intel chip flaw allows attackers to bypass ASLR protection

  Researchers devised an exploit of an Intel chip flaw that allows an adversary to bypass ASLR protection and potentially boost the effectiveness of an attack on any platform.

• August 17, 2016 17 Aug'16

  Windows Bash could open the door to more Linux-based attacks

  Will Windows 10's new native version of the Ubuntu Linux command line, Windows Bash, enable new attack vectors? Experts weigh in on Windows Subsystem for Linux.

• August 15, 2016 15 Aug'16

  Windows Secure Boot broken after Microsoft leaks golden key

  Microsoft accidentally released the golden key for Windows Secure Boot, causing a serious security issue for the company despite putting only less popular devices at risk.

• June 10, 2016 10 Jun'16

  Ransomware attack hits UCalgary as CryptXXX devs up their game

  As the University of Calgary contends with a ransomware attack, the actors behind CryptXXX are rolling out patches and upgrades and attackers are shifting from Angler to Neutrino EK.

• June 07, 2016 07 Jun'16

  Angler exploit kit skips Microsoft EMET to subvert Flash, Silverlight

  FireEye researchers spotted the Angler exploit kit bypassing the current Microsoft EMET version 5.5 security tool running on Windows 7 to subvert Flash and Silverlight.

• May 24, 2016 24 May'16

  Lieu, Hurd school House colleagues on cyberhygiene, defense

  Former computer science majors Lieu and Hurd wrote to their U.S. House of Representatives colleagues, urging improved awareness of cyber risks and cyberhygiene.

• April 26, 2016 26 Apr'16

  Simple, yet undetectable Windows AppLocker bypass discovered

  A Windows command-line utility dating back to XP, Regsvr32, reportedly enables a simple and virtually undetectable Windows AppLocker whitelist bypass.

• April 14, 2016 14 Apr'16

  Badlock vulnerability proves a bust for responsible disclosure

  The much-hyped Badlock bug is still important to patch, but raised issues with celebrity vulnerability promotion and responsible disclosure of security vulnerabilities.

• March 31, 2016 31 Mar'16

  Badlock flaw hits Samba, Windows and responsible disclosure

  The serious Badlock vulnerability in Windows and Samba, announced three weeks prior to patches, triggers a debate over responsible disclosure of software flaws.

• February 26, 2016 26 Feb'16

  Microsoft EMET vulnerability turns tool against itself

  Roundup: Microsoft EMET is vulnerable to exploit; it's time to update to v5.5.Plus; Dell, IBM and Gemalto research reports claim cybercriminals are getting smarter, bigger and faster.

• January 08, 2016 08 Jan'16

  Warning: Internet Explorer end of life for 8, 9 and 10 on Tuesday

  Internet Explorer end of life is on the way for three versions of Microsoft's Web browser, and enterprises need to understand which versions of Windows will still be supported.

• October 16, 2015 16 Oct'15

  EMV transition: FBI warns while Target opts for PINs

  News roundup: FBI issues a public service announcement about EMV chip-and-signature cards. Plus: bumper crop of OS X malware in 2015; phishing sites with authenticated certificates and more.

• August 07, 2015 07 Aug'15

  ICANN breached, members' encrypted passwords stolen

  News roundup: ICANN confirmed its members' credentials were stolen Wednesday, forcing the nonprofit to enforce a site-wide password reset. Plus: VPN provider being used for APTs; Thunderstrike strikes again; Windows 10 security in its first week.

• June 26, 2015 26 Jun'15

  Click fraud to ransomware: Study highlights dangers of malware lifecycle

  New roundup: Sometimes the least of threats -- such as click fraud -- can end up being the bigger issues -- like ransomware. Plus: U.S. Navy won't let go of XP; U.S./China cyber code of conduct; and more!

• May 15, 2015 15 May'15

  Will Microsoft Edge security features make up for past sins?

  News roundup: Microsoft released security details of its new Edge browser, but is enough to restore user confidence? Plus: Millennial security threats; new ransomware, GPU-based malware; black hat cybersecurity services.

• April 21, 2015 21 Apr'15

  Waratek grabs RSA Innovation Sandbox honors

  Runtime application self-protection startup Waratek wins coveted RSA Innovation award.

• April 17, 2015 17 Apr'15

  Microsoft cybersecurity strategy: Time for another Bill Gates email

  Opinion: Executive Editor Eric Parizo says Microsoft's security strategy may have once been the benchmark for other vendors to emulate, but in 2015 the software giant's priorities lie elsewhere.

• March 05, 2015 05 Mar'15

  Microsoft confirms Windows vulnerable to FREAK attack

  The serious HTTPS FREAK exploit was thought to only affect Android, iOS, and MacOS, but Microsoft has confirmed that it also affects all supported versions of Windows.

• January 19, 2015 19 Jan'15

  Google's Project Zero reveals another Windows zero-day vulnerability

  For the third time in one month, Microsoft couldn't meet Google's 90-day public disclosure deadline, leading to Project Zero's disclosure, though experts say this Windows zero-day vulnerability may have little value to attackers.

• December 09, 2014 09 Dec'14

  December 2014 Patch Tuesday features three critical fixes

  Capping a busy year of software updates, Microsoft's December 2014 Patch Tuesday release delivers three critical bulletins; separately Adobe offers a pair of critical fixes.

• November 18, 2014 18 Nov'14

  Microsoft addresses Kerberos security flaw with critical out-of-band patch

  Originally scheduled by Microsoft as part of its November Patch Tuesday release, the out-of-band patch resolves a serious security vulnerability in Kerberos.

• November 11, 2014 11 Nov'14

  Hefty November 2014 Patch Tuesday delivers four critical bulletins

  The zero-day patch was one of four critical bulletins Microsoft delivered as part of its largest Patch Tuesday release of 2014; a fifth critical bulletin was dropped at the last moment.

• August 12, 2014 12 Aug'14

  August 2014 Patch Tuesday targets IE security improvements

  Beyond the usual slew of IE security patches, Microsoft's August 2014 Patch Tuesday made a couple of moves to improve the security of its browser.

• August 06, 2014 06 Aug'14

  EMET 5.0 release offers new ways to block plug-ins

  EMET 5.0, the latest version of Microsoft's zero-day prevention tool, includes several new features, most notably improved ways to block plug-ins like Flash and Java.

• July 08, 2014 08 Jul'14

  July 2014 Patch Tuesday fixes two dozen IE vulnerabilities

  Microsoft's July 2014 Patch Tuesday release addressed two dozen flaws in Internet Explorer. Adobe also provided a critical update for Flash.

• June 10, 2014 10 Jun'14

  June 2014 Patch Tuesday brings huge IE update, IE8 vulnerability fix

  June's patches fix an Internet Explorer 8 issue that Microsoft said was never exploited in the wild. Plus: Adobe issues a critical Flash Player patch.

• May 21, 2014 21 May'14

  Microsoft fails to address IE zero day before public disclosure

  Though notified of the IE zero day months ago, Microsoft failed to address the vulnerability before it was made public.

• May 13, 2014 13 May'14

  May 2014 Patch Tuesday delivers critical IE security update

  Microsoft's May 2014 Patch Tuesday features two critical security updates, including another fix for its beleaguered Internet Explorer browser.

• May 01, 2014 01 May'14

  Microsoft issues out-of-band patch for 'use-after-free' IE zero day

  Microsoft's out-of-band patch for the 'use-after-free' IE zero day offered a fix for Windows XP, which is now being actively targeted.

• April 28, 2014 28 Apr'14

  Microsoft confirms IE zero day being used in active exploits

  The IE zero-day, first spotted by FireEye, is being actively exploited in the wild. US-CERT recommends avoiding IE until a fix is released.

• April 08, 2014 08 Apr'14

  April 2014 Patch Tuesday: Microsoft ships final XP security updates

  The April 2014 Patch Tuesday release features the final Office 2003 and XP security updates, as well as a fix for a recent Word zero-day.

• April 08, 2014 08 Apr'14

  Security experts optimistic amid Windows XP end-of-life date

  Windows XP's end-of-life date is here, and while experts said dangerous new attacks won't arrive right away, they will soon enough.

• March 31, 2014 31 Mar'14

  Windows XP migration lessons: Focus on application compatibility

  IT pros who have successfully completed large-scale Windows XP migrations advise focusing on application compatibility and up-front planning.

• March 12, 2014 12 Mar'14

  For merchants, Windows XP POS systems put PCI compliance at risk

  PCI compliance may be nearly impossible after the April 2014 Windows XP end-of-life date if merchants don't address vulnerable XP-based POS systems.

• March 11, 2014 11 Mar'14

  March 2014 Patch Tuesday produces fix for IE zero day

  Microsoft moved to address a lingering Internet Explorer zero-day vulnerability that was originally discovered by security vendor FireEye in February.

• March 04, 2014 04 Mar'14

  Microsoft's EMET security tool useful despite bypasses, say experts

  Experts say Microsoft's EMET security tool remains valuable to enterprise security teams if used as one layer in a larger security strategy.

• February 21, 2014 21 Feb'14

  Microsoft, Adobe address zero-day exploits that bypass ASLR

  Both Microsoft and Adobe have issued emergency fixes for active zero-day exploits that bypass the ASLR security mechanism.

• February 04, 2014 04 Feb'14

  Despite warnings, some Windows XP enterprise users not upgrading

  More than a third of enterprises using Windows XP have no plans to migrate, according to the report, regardless of the growing XP security risks.

• January 16, 2014 16 Jan'14

  Microsoft to offer Windows XP antivirus updates past April 2014

  Software giant Microsoft will extend Windows XP antivirus updates past the XP end-of-life date, but security patches are still slated to end in April.

• January 14, 2014 14 Jan'14

  Light January 2014 Patch Tuesday offers fix for Windows XP zero day

  Microsoft's January 2014 Patch Tuesday fixes a Windows XP zero-day vulnerability that could grant admin rights. Adobe also released two updates.

• December 10, 2013 10 Dec'13

  December 2013 Patch Tuesday: TIFF zero day fixed, but not XP zero day

  Microsoft's December Patch Tuesday release addresses a recent zero-day vulnerability affecting TIFF images, but leaves a Windows XP zero day for 2014.

• October 08, 2013 08 Oct'13

  Patch Tuesday October 2013: Fix released for SetMouseCapture zero-day

  Among its 26 patches, Microsoft's October 2013 Patch Tuesday release delivers the anticipated fix for a critical Internet Explorer zero-day flaw.

• October 03, 2013 03 Oct'13

  October 2013 Patch Tuesday to include four critical vulnerabilities

  Microsoft's October Patch Tuesday expected to resolve four critical vulnerabilities, with experts hoping a recent high-profile IE zero-day is patched.

• September 18, 2013 18 Sep'13

  Microsoft offers temporary fix for Internet Explorer zero-day

  Microsoft provides an Internet Explorer fix after confirming a vulnerability affecting all versions of the Web browser is being actively exploited.

• May 09, 2013 09 May'13

  Temporary fix out for Department of Labor website IE8 zero-day

  Microsoft is still working on a permanent fix for the IE8 zero-day found in the Dept. of Labor website attack. Also: Adobe preps ColdFusion patch.

• December 11, 2012 11 Dec'12

  Internet Explorer vulnerabilities fixed in December 2012 Patch Tuesday

  Microsoft released seven security bulletins, addressing flaws in Internet Explorer, Word and Windows kernel-mode drivers.

• November 13, 2012 13 Nov'12

  Microsoft fixes critical issues in Internet Explorer, Windows Kernel

  Microsoft issued six bulletins in November's Patch Tuesday, including fixes in Internet Explorer, Windows Kernel and the .NET Framework.

• November 08, 2012 08 Nov'12

  Despite Windows 8 zero-day, vendors laud security of new Microsoft OS

  Despite a recent Windows 8 zero-day vulnerability, security experts say the new Microsoft platform is the most secure OS on the market.

• October 04, 2012 04 Oct'12

  October 2012 Patch Tuesday: One critical bulletin expected

  Microsoft's October 2012 Patch Tuesday release, slated for Oct. 9, will address an RSA key-length certificate issue exposed by the Flame malware.

• September 17, 2012 17 Sep'12

  New zero-day vulnerability targets Internet Explorer users

  Researchers say attackers have exploited the flaw and recommend switching browsers until there's a fix.

• July 18, 2012 18 Jul'12

  Black Hat 2012: Windows 8 security features beat buffer overflow attacks

  Researchers have explored the updated Windows 8 memory protection security features and will present their findings at Black Hat 2012.

• July 10, 2012 10 Jul'12

  Microsoft repairs dangerous XML Core Services zero-day flaw

  The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9.

• June 19, 2012 19 Jun'12

  Metasploit adds Microsoft exploits for MSXML, Internet Explorer flaw

  The Metasploit pen testing software contains working exploits that can target Microsoft XML Core Services flaw and a hole in Internet Explorer.

• June 19, 2012 19 Jun'12

  Intel CPU hardware vulnerable to a privilege escalation attack

  A software implementation issue enables an attacker to escalate privileges or break out of a virtual machine environment.

• June 13, 2012 13 Jun'12

  Microsoft auto update feature for revoking fraudulent certs added

  The feature can automatically remove revoked certificates from Windows Vista and Windows 7 systems. The measure is in response to the Flame attacks.

• June 05, 2012 05 Jun'12

  Microsoft to harden Windows Update in overhaul to address weaknesses

  The overhaul to Windows Update is to follow Microsoft’s emergency update, revoking three fraudulent certificates that could be used in broad attacks.

• June 04, 2012 04 Jun'12

  Microsoft revokes fraudulent certificates used by Flame malware toolkit

  The fraudulent Microsoft certificates were used in the Flame malware attacks and could be used by less sophisticated cybercriminals, according to Microsoft.

• May 08, 2012 08 May'12

  May 2012 Patch Tuesday: Microsoft fixes Duqu Trojan ghost code

  Experts suggest patience when dealing with this month’s round of Microsoft updates.

• May 03, 2012 03 May'12

  Microsoft program breach led to early RDP vulnerability exploit

  Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March.

• March 16, 2012 16 Mar'12

  Attack code surfaces for Microsoft RDP vulnerabilities

  Antimalware vendors say proof-of-concept exploit code has surfaced on several Chinese websites. Experts recommend patching Windows systems now.

• March 13, 2012 13 Mar'12

  Dangerous Microsoft RDP vulnerabilities repaired in Patch Tuesday

  Vulnerability experts call the Microsoft Remote Desktop Protocol flaws dangerous and say they should be quickly addressed by patching admins.

• December 20, 2011 20 Dec'11

  Critical Windows 7 zero-day vulnerability could lead to iFrame attacks

  Danish vulnerability clearinghouse Secunia is warning of a highly critical memory corruption zero-day vulnerability that could be targeted by attackers. Proof-of-concept code has been published.

• December 13, 2011 13 Dec'11

  December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch

  Microsoft’s 13 security bulletins included critical Windows and Windows Media Player updates.

• November 08, 2011 08 Nov'11

  One critical bulletin, no Duqu patch, in November 2011 Patch Tuesday updates

  Microsoft’s November 2011 Patch Tuesday security update features four bulletins, one critical, but no patch for the kernel-level vulnerability exploited by the Duqu Trojan.

• August 29, 2011 29 Aug'11

  Morto worm, an old-school Internet worm, spreading via RDP

  Security firms say the Morto worm isn’t a Trojan, but an Internet worm that spreads via Windows Remote Desktop Protocol (RDP).

• August 09, 2011 09 Aug'11

  Microsoft Patch Tuesday: Critical Internet Explorer, Windows DNS updates

  Coding errors could enable attackers to target Windows machines remotely, gain access to sensitive data and gain complete control of a victim’s computer.

• July 07, 2011 07 Jul'11

  Microsoft to repair 22 vulnerabilities across Windows, Office

  The software giant plans to issue four bulletins, one rated “critical” as part of its Patch Tuesday scheduled security updates.

• June 09, 2011 09 Jun'11

  Microsoft and Adobe to issue major security updates

  Critical fixes planned for Windows, Internet Explorer and Adobe Reader.

• May 05, 2011 05 May'11

  Microsoft to issue critical Windows bulletin, revamps Exploitability Index

  Microsoft will revamp its Exploitability Index this month when it issues Patch Tuesday bulletins addressing flaws in Microsoft Windows and Office PowerPoint.

• April 07, 2011 07 Apr'11

  Microsoft to patch 64 vulnerabilities in Windows, Office, Internet Explorer

  The software giant will release a record number of patches April 12.