![micropatches](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/21112414/micropatches-400x200.jpg)
Micropatches: What they are and how they work
In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2022/06/03180720/microsoft-broken-400x200.jpg)
Attackers are leveraging Follina. What can you do?
As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a …
![fix](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092940/aid1-400x200.jpg)
What are the benefits of automated, cloud-native patch management?
Could organizations recoup their share of more than $1 billion per quarter by moving away from legacy solutions to cloud-native patch management and endpoint hardening? A new …
![Zoom](https://img.helpnetsecurity.com/wp-content/uploads/2020/07/09141444/zoom-hands-bkg-400x200.jpg)
Zoom zero-day flaw allows code execution on victim’s Windows machine
A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a …
![patch](https://img.helpnetsecurity.com/wp-content/uploads/2019/07/09093958/patch3-400x200.jpg)
Micropatches block exploitation of Windows zero-days under attack
While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS …
![Internet Explorer](https://img.helpnetsecurity.com/wp-content/uploads/2020/01/21163538/ie-tunnel-400x200.jpg)
Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects
ACROS Security has released a micropatch that implements the workaround for a recently revealed actively exploited zero-day RCE flaw affecting Internet Explorer …
![bomb](https://img.helpnetsecurity.com/wp-content/uploads/2019/01/09095359/bomb-400x200.jpg)
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …
![AlgoSec CloudFlow](https://img.helpnetsecurity.com/wp-content/uploads/2019/04/09094707/algosec-cloudflow-400x200.jpg)
New infosec products of the week: April 5, 2019
Free cybersecurity threat assessment for midsize and large organizations Cynet unveiled the Cynet Threat Assessment program. The free offering for organizations with 500 or …
![Windows](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100324/windows2-400x200.jpg)
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
![resurrection](https://img.helpnetsecurity.com/wp-content/uploads/2016/03/09113925/hackingteam-400x200.jpg)
Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros
Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution …
![stop](https://img.helpnetsecurity.com/wp-content/uploads/2017/10/09102855/stop-400x200.jpg)
Microsoft offers mitigation advice for DDE attacks scenarios
Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …
![Microsoft](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104629/microsoft-shade-400x200.jpg)
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege