Microsoft

Project Springfield: Cloud-based fuzz testing for uncovering million-dollar bugs
This Moday Microsoft debuted Project Springfield, a cloud-based fuzz testing (aka fuzzing) service that the company has been working on for a quite a while. David Molnar and …

Microsoft equips Edge with hardware-based container
Microsoft has announced a new capability that will make its Edge browser the most secure web browsing option for enterprises: Windows Defender Application Guard. Windows …

Ransomware usage explodes, as app, browser and plug-in vulnerabilities increase
Bromium conducted research on cyber attacks and threats affecting enterprise security over the last six months. The good news is while the number of vulnerabilities is …

Microsoft ends Tuesday patches
Yesterday was a big day for Patch Tuesday. It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches …

Windows users will no longer be able to apply individual patches
Since Microsoft began pushing Windows 10 on consumers and enterprise users, it has consistently worked towards minimizing the choices they can make about the installation. One …

There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them …

Microsoft releases five critical updates
Microsoft continued a trend of fewer updates than we are used to with only 9 bulletins (5 critical and 4 important) released this month. It stands to reason that Microsoft may …

Flawed code hooking engines open endpoints to compromise
Six common security issues stemming from the incorrect implementation of code hooking and injection techniques have been unearthed by EnSilo researchers in over 15 different …

How to steal money from Instagram, Google and Microsoft
Some account options deployed by Instagram, Google and Microsoft can be misused to steal money from the companies by making them place phone calls to premium rate numbers, …
US DOJ can’t access data stored abroad with just a warrant, court rules
The US Department of Justice cannot force Microsoft to produce the contents of a customer’s email account stored on a server located outside the US with just a warrant, a US …

Windows 10 Anniversary Update brings security improvements
Microsoft has scheduled the release of Windows 10 Anniversary Update for August 2. Aside from new and/or improved tools to aid with productivity, gaming, device set-up, and a …

Microsoft creates Checked C extension to prevent common coding errors
Fixing vulnerabilities in completed software and systems is all good and well, but with Checked C, an extension for the C programming language, Microsoft researchers want to …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do