Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)
The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …
Windows Server
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …
Avoiding the costly ESU cycle: Lessons learned from Windows 7 end-of-life
In June 2021, Microsoft announced the end-of-life date for Windows 10: 14 October 2025. From that point on, there will be no new updates or security fixes for the Home or Pro …
September 2021 Patch Tuesday forecast: It’s new operating system season
Summer vacations are coming to a close and, for many, the children are finally going back to school providing some quiet time. I hope everyone is well rested because the fall …
Bosch upgrades its Dicentis system server with new hardware from HP
The Dicentis system server from Bosch has become very popular since its launch in 2019, with more than 60% of Dicentis Conference System installations now including the …
PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that …
May 2021 Patch Tuesday forecast: Spring cleaning is in order
There’s an event referred to as spring cleaning, where we take some time from our regular routines to focus on bringing order back to our homes. We remove the junk that has …
Guardicore extends microsegmentation and zero trust security to protect legacy infrastructure and IT
Guardicore announced new capabilities that extends microsegmentation and zero trust security to the industry broadest catalog of legacy servers, applications, and operating …
February 2021 Patch Tuesday: Microsoft and Adobe fix exploited zero-days
On this February 2021 Patch Tuesday: Adobe has fixed a Reader flaw used in limited attacks, as well as delivered security updates for a variety of products, including Acrobat …
October 2020 Patch Tuesday: Microsoft fixes potentially wormable Windows TCP/IP RCE flaw
On this October 2020 Patch Tuesday: Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps …
CISA orders federal agencies to implement Zerologon fix by Monday
If you had any doubts about the criticality of the Zerologon vulnerability (CVE-2020-1472) affecting Windows Server, here is a confirmation: the US Cybersecurity and …
Are your domain controllers safe from Zerologon attacks?
CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability …
