-
Recent Microsoft 0-Day Used for Cyber-Espionage and Mundane Malware Distribution
The saga of CVE-2017-0199, a recently patched zero-day vulnerability affecting Microsoft Office and WordPad, just got a little stranger yesterday after cyber-security firm FireEye revealed the vulnerability was used by both cyber-criminals pushing mundane malware, and also by state-sponsored cyber-espionage groups.
- April 13, 2017
- 06:20 AM
0
-
In the Mess of Its New Security Updates Format, Microsoft Patched 3 Bugs Exploited in Live Attacks
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins.
- April 12, 2017
- 05:21 AM
1
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Microsoft's April 2017 Patch Tuesday Comes with 61 Security Updates
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others.
- April 11, 2017
- 05:40 PM
- 0
-
Microsoft Starts Windows 10 Creators Update Rollout
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks.
- April 11, 2017
- 02:35 PM
- 0
-
Microsoft Office Zero-Day Used to Push Dridex Banking Trojan
The operators of the Dridex botnet are using the recently disclosed Microsoft Office zero-day to spread a version of their malware, the infamous Dridex banking trojan.
- April 11, 2017
- 03:33 AM
- 2
-
Attacks Detected with New Microsoft Office Zero-Day
Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware.
- April 08, 2017
- 06:10 PM
- 0
-
Unofficial Windows 10 Creators Update Changelog
Microsoft is set to launch the Windows 10 Creators Update next week, on Tuesday, on April 11, at which time we'll have all the official details about the company's next major Windows 10 version. Until then, here's an unofficial changelog.
- April 08, 2017
- 05:00 AM
- 0
-
Windows 10 Creators Update Lets You Uninstall OneDrive with One Click
Microsoft adds Uninstall button for OneDrive. Users no longer have to walk on nails and sacrifice lambs to the Microsoft deity in order to uninstall OneDrive from their PCs.
- April 07, 2017
- 06:43 AM
- 2
-
Microsoft Reveals for the First Time the Data It Collects in Windows 10
Microsoft turned a new leaf today and published a list of diagnostics data the company will be collecting from users of Windows 10 Creators Update, scheduled for launch next week, on April 11.
- April 05, 2017
- 02:05 PM
- 5
-
Install Windows 10 Creators Update Starting Today With This Microsoft Tool
Microsoft will officially release Windows 10 Creators Update on April 11, the same day it will retire Windows Vista, but users unwilling to wait that long can install it starting today, April 5, using the Windows 10 Update Assistant.
- April 05, 2017
- 01:00 PM
- 0
-
Windows NTP Time Service Sends Wrong Time to Users Worldwide
A mysterious issue is affecting the default Windows NTP server (time.windows.com), according to multiple complaints coming from Reddit and Twitter users.
- April 03, 2017
- 04:20 PM
- 3
-
Tech News Brief: Twitter's New Avatars, CodePlex Shuts Down, IAAF & NY Post Hacked
A quick round-up of various stories going on in tech right now
- April 03, 2017
- 10:56 AM
- 2
-
New IIS 6.0 Zero-Day Exploited in Live Attacks Since July 2016
Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition.
- March 29, 2017
- 07:07 AM
- 1
-
Microsoft Quietly Patched Windows Zero-Day Used in Attacks by Zirconium Group
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions.
- March 27, 2017
- 04:55 PM
- 1
-
Microsoft Patches Third Zero-Day Used in Massive Malvertising Campaign
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
- March 27, 2017
- 07:10 AM
- 0
-
Reminder: Microsoft Will Pull the Plug on Windows Vista in Two Weeks
We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007.
- March 25, 2017
- 06:51 PM
- 6
-
Users File Class Action Lawsuit Against Microsoft over Botched Windows 10 Upgrades
Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money.
- March 25, 2017
- 04:16 PM
- 12
-
New (but Old) Technique Hijacks User Sessions on All Windows Versions
A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn't require special privileges, and the researcher can't figure out if it's a Windows feature or security flaw.
- March 19, 2017
- 06:44 AM
- 2
-
Microsoft Forces Owners of Recent CPU Architectures to Use Windows 10
Users of new CPU architectures will not receive Windows 7 and 8.1 updates anymore, according to a Microsoft support topic published last week.
- March 16, 2017
- 06:27 PM
- 6
-
Windows 10 UAC Bypass Uses Backup and Restore Utility
A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning.
- March 16, 2017
- 06:47 AM
- 4
