0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros
Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution …
Microsoft offers mitigation advice for DDE attacks scenarios
Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …
Actively exploited zero-day in IIS 6.0 affects 60,000+ servers
Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited …
Reinventing software patching, curing big security holes
Today’s security updates are too big, too risky and too late. It is common for enterprises to thoroughly test security updates and install them several months after they have …
0patch: Microscopic cures for big security holes
Software vulnerabilities are one of today’s most significant information security issues. Disclosing high profile vulnerabilities has become tremendously rewarding, to the …
Featured news
Resources
Don't miss
- Henkel CISO on the messy truth of monitoring factories built across decades
- The hidden dynamics shaping who produces influential cybersecurity research
- UTMStack: Open-source unified threat management platform
- LLMs are everywhere in your stack and every layer brings new risk
- Building SOX compliance through smarter training and stronger password practices