Windows Server Archives - Help Net Security

Windows Server

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

January 26, 2023

Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker …

Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

October 11, 2022

October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has …

August 2022 Patch Tuesday forecast: Printers again?

August 5, 2022

July 2022 Patch Tuesday came and went quietly as expected. Microsoft addressed 40 CVEs in Windows 11 and 46 CVEs in the Windows 10 set of updates. It was a little unusual …

Microsoft fixes Follina and 55 other CVEs

June 14, 2022

June 2022 Patch Tuesday has been marked by Microsoft with the release of fixes for 55 new CVEs, as well as security updates that fix Follina (CVE-2022-30190), the Microsoft …

Qbot – known channel for ransomware – delivered via phishing and Follina exploit

June 8, 2022

More than a week has passed since Microsoft acknowledged the existence of the “Follina” vulnerability (CVE-2022-30190), after reports of it being exploited in the …

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)

April 15, 2022

Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy …

Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)

January 11, 2022

The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

November 24, 2021

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …

Avoiding the costly ESU cycle: Lessons learned from Windows 7 end-of-life

November 1, 2021

In June 2021, Microsoft announced the end-of-life date for Windows 10: 14 October 2025. From that point on, there will be no new updates or security fixes for the Home or Pro …

September 2021 Patch Tuesday forecast: It’s new operating system season

September 10, 2021

Summer vacations are coming to a close and, for many, the children are finally going back to school providing some quiet time. I hope everyone is well rested because the fall …

Bosch upgrades its Dicentis system server with new hardware from HP

July 21, 2021

The Dicentis system server from Bosch has become very popular since its launch in 2019, with more than 60% of Dicentis Conference System installations now including the …

PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)

June 30, 2021

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …

Windows Server

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

August 2022 Patch Tuesday forecast: Printers again?

Microsoft fixes Follina and 55 other CVEs

Qbot – known channel for ransomware – delivered via phishing and Follina exploit

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)

Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

Avoiding the costly ESU cycle: Lessons learned from Windows 7 end-of-life

September 2021 Patch Tuesday forecast: It’s new operating system season

Bosch upgrades its Dicentis system server with new hardware from HP

PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)

Don't miss

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

Top ways attackers are targeting your endpoints

Why organizations shouldn’t fold to cybercriminal requests

Fake ChatGPT for Google extension hijacks Facebook accounts

A common user mistake can lead to compromised Okta login credentials