Microsoft
Microsoft patches flaw exploited by Stuxnet – again
Among the vulnerabilities patched by Microsoft in this month’s Patch Tuesday is one that was supposedly patched back in 2010. The Windows Shell Shortcut Icon Loading …
Microsoft patches Windows, IE, Office, SharePoint
This month Microsoft has released 14 new bulletins, 5 of which are rated as Critical, 9 as Important. As a déjà vu from last month, a critical remote code execution …
Windows vulnerable to FREAK attacks after all
Microsoft has released a security advisory on Thursday, confirming that all supported releases of Microsoft Windows are vulnerable to the recently documented FREAK (Factoring …
Researchers create automated signature compiler for exploit detection
A trio of researchers from Microsoft and University of Erlangen-Nuremberg have created Kizzle, a compiler for generating signatures for detecting exploit kits delivering …
Windows 10 will offer password-free authentication
The upcoming Windows 10 will offer more authentication options instead of just passwords, Dustin Ingalls, Group Program Manager for Windows Security & Identity, has …
Attackers can bypass Windows’ protections by changing a single bit
Among the many vulnerabilities that Microsoft patched on Tuesday is one that can be exploited to bypass all Windows security measures by, curiously enough, modifying a single …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
Corporate users hit with fake Microsoft email delivering sneaky malware
A well-crafted and extremely legit-looking spam email campaign is currently targeting corporate users around the world, ultimately leading the victims to difficult-to-detect …
Analysis of 2014 Microsoft patch trend data
Tripwire announced an analysis of Microsoft patch data from 2014. “The 2014 data clearly shows that Microsoft is packing in more CVEs per bulletin in 2014,” said …
Outlook for iOS breaks company security, developer warns
One the same day that Microsoft released its new Outlook app for iOS, a developer has warned that it breaks corporate security in multiple ways. René Winkelmeyer, Head of …
Supposedly clean Office documents download malware
Bitdefender is warning Microsoft Office users against the emergence of a new spam campaign that is looking to trick antispam filters in order to allow spam to pass freely into …
Microsoft releases Sysmon 2.0
Sysmon is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do