News

Microsoft Windows security

• August 29, 2018 29 Aug'18

  Windows 10 zero-day disclosed on Twitter, no fix in sight

  Security researcher SandboxEscaper released proof-of-concept code for a Windows 10 zero-day on Twitter, but Microsoft has no details for a potential patch.

• April 30, 2018 30 Apr'18

  Windows NTFS flaw posted after disclosure gets nowhere

  Proof-of-concept code showing how an NTFS flaw can shut down Windows systems was published by a security researcher nine months after he disclosed it to Microsoft.

• April 06, 2018 06 Apr'18

  Microsoft created Windows Defender flaw by breaking UnRAR code

  Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights.

• March 28, 2018 28 Mar'18

  Windows Meltdown patches open up more severe issue

  A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.

• March 07, 2018 07 Mar'18

  McAfee cloud security platform expands to Microsoft Azure

  In its first move following the acquisition of cloud access security broker Skyhigh Networks, McAfee extended its cloud security platform to Microsoft Azure customers.

• February 15, 2018 15 Feb'18

  Intel bug bounty programs widened after Meltdown and Spectre

  Intel's bug bounty program expanded its scope and rewards for bugs across all Intel products, and the company added a new program for side-channel flaws like Meltdown and Spectre.

• February 14, 2018 14 Feb'18

  Microsoft: Windows Analytics can detect Meltdown and Spectre exposure

  Microsoft says Meltdown and Spectre vulnerabilities are now being tracked by Windows Analytics, which shows users the update status for CPU microcode and OS patches.

• December 08, 2017 08 Dec'17

  Emergency Microsoft patch out for Malware Protection Engine

  A critical vulnerability found in the Windows Malware Protection Engine required an emergency Microsoft patch, but one expert said Microsoft hasn't handled the announcement well.

• October 26, 2017 26 Oct'17

  Windows XP patches: Did Microsoft make the right decision?

  Microsoft had to make several tradeoffs when developing patches for Windows XP. Expert Nick Lewis explains what these tradeoffs were and how enterprises should respond.

• September 27, 2017 27 Sep'17

  Windows digital signature bypassed with two registry edits

  The DerbyCon keynote covered why security research is an approachable field, as well as how to bypass a Windows digital signature check to run unwanted code.

• August 11, 2017 11 Aug'17

  Microsoft antivirus policy changes under Kaspersky pressure

  Microsoft antivirus policy changes for Windows 10 Fall Creators Update in order to avoid further action in an antitrust case brought by Kaspersky.

• July 25, 2017 25 Jul'17

  Fancy Bear C&C servers taken down by Microsoft lawsuit

  Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by malicious Russian APT group Fancy Bear.

• June 28, 2017 28 Jun'17

  Petya ransomware scam: Lost files can't be restored

  Researchers discovered the rash of Petya-like attacks are nothing more than a ransomware scam, and list files are impossible to restore.

• June 28, 2017 28 Jun'17

  Petya-like global ransomware attack can be mitigated

  A new global ransomware attack has been spreading quickly using the same exploits as WannaCry, but researchers have already found ways to protect users from the damage.

• June 27, 2017 27 Jun'17

  Windows Defender bug could allow full-system takeover

  A newly disclosed Windows Defender bug, which could allow an attacker to fully take over a target system and create admin accounts, marks yet another major antivirus vulnerability.