Microsoft
Malware peddlers hit Office users with old but reliable exploit
Emails delivering RTF files equipped with an exploit that requires no user interaction (except for opening the booby-trapped file) are hitting European users’ inboxes, …
June Patch Tuesday forecast: Apply updates before BlueKeep hits the streets
Can you believe it is June already? Summer is rapidly approaching, but it’s been slow to warm up our temperatures here in the US. I can’t say the same thing about the …
If you haven’t yet patched the BlueKeep RDP vulnerability, do so now
There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target …
Microsoft wants to improve routing security
The Mutually Agreed Norms for Routing Security (MANRS) initiative, supported by the Internet Society, announced that Microsoft has joined the program whose primary objective …
Microsoft updates break AV software, again!
Microsoft’s May 2019 security fixes have again disrupted the normal functioning of some endpoint security products on certain Windows versions. Current problems …
Microsoft’s Attack Surface Analyzer now works on Macs and Linux, too
Microsoft has rewritten and open-sourced Attack Surface Analyzer (ASA), a security tool that points out potentially risky system changes introduced by the installation of new …
Ransomware and malware attacks decline, attackers adopting covert tactics
There has been a major decline in ransomware and malware attacks, with Ireland having some of the lowest rates globally, according to the latest report released by Microsoft. …
Intel MDS attack mitigation: An overview
Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and …
Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities
For May 2019 Patch Tuesday, Microsoft has released fixes for 79 vulnerabilities, 22 of which are deemed critical. Among the fixes is that for CVE-2019-0708, a …
SharePoint servers under attack through CVE-2019-0604
CVE-2019-0604, a critical vulnerability opening unpatched Microsoft SharePoint servers to attack, is being exploited by attackers to install a web shell. The web shell allows …
May 2019 Patch Tuesday forecast: Latest OS updates impact performance
Let’s start off the May forecast with a look back at April. For customers running specific endpoint security products, there were some issues with applying April OS updates. …
Only 14% of organizations have completed migration to Windows 10
Almost a quarter of organizations will not be ready for Microsoft to terminate public delivery of Windows 7 security updates on January 14, 2020, the official end of support …