Please turn on your JavaScript for this page to function normally.
Microsoft Office
Microsoft Office apps are vulnerable to IDN homograph attacks

Microsoft Office apps – including Outlook – are vulnerable to homograph attacks based on internationalized domain names (IDNs). In practice, this means that users …

Microsoft support
Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)

A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers …

fix
Windows Autopatch: Managed enterprise patching for Windows and Office

While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims make the second …

Patch Tuesday
Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)

The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …

swirl
Attackers bypass Microsoft patch to deliver Formbook malware

Sophos Labs researchers have detected the use of a novel exploit able to bypass a patch for a critical vulnerability (CVE-2021-40444) affecting the Microsoft Office file …

Patch Tuesday
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)

It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …

Microsoft
Microsoft announces passwordless authentication option for consumers

After offering the passwordless authentication option to enterprise customers in March 2021, Microsoft has now started rolling it out to its consumer segment of users. The …

Windows
Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)

Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise …

Office 365
Finding 365 bugs in Microsoft Office 365

Microsoft 365 is used by over a billion users worldwide, so attackers are naturally deeply invested in compromising its security. One of the ways of making sure this suite of …

virtual reality
Using virtualization to isolate risky applications and other endpoint threats

More and more security professionals are realizing that it’s impossible to fully secure a Windows machine – with all its legacy components and millions of potentially …

patch
Update MS Office, Paint 3D to plug RCE vulnerabilities

A week after the April 2020 Patch Tuesday, Microsoft has released out-of-band security updates for its Office suite, to fix a handful of vulnerabilities that attackers could …

patch
February 2020 Patch Tuesday: Microsoft fixes 99 vulnerabilities, Adobe 42

February 2020 Patch Tuesday is here. To mark the occasion, Microsoft has released fixes for 99 vulnerabilities – 12 critical, one of which is being exploited in the wild …

Don't miss

Cybersecurity news