0patch – WindowsTechs.com

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

Posted on April 17, 2025 by Zeljka Zorz

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitat… Continue reading Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)→

Patching problems: The “return” of a Windows Themes spoofing vulnerability

Posted on October 29, 2024 by Zeljka Zorz

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have … Continue reading Patching problems: The “return” of a Windows Themes spoofing vulnerability→

Micropatches: What they are and how they work

Posted on June 29, 2023 by Help Net Security

In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or downtime when patching and no fear that an official update will break produc… Continue reading Micropatches: What they are and how they work→

Attackers are leveraging Follina. What can you do?

Posted on June 3, 2022 by Zeljka Zorz

As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a variety of campaigns. A complex vulnerability Microsoft has described CVE-2022-301… Continue reading Attackers are leveraging Follina. What can you do?→

Zerologon Patches Roll Out Beyond Microsoft

Posted on September 23, 2020 by Tara Seals

A Samba patch and a micropatch for end-of-life servers have debuted in the face of the critical vulnerability. Continue reading Zerologon Patches Roll Out Beyond Microsoft→

What are the benefits of automated, cloud-native patch management?

Posted on August 7, 2020 by Help Net Security

Could organizations recoup their share of more than $1 billion per quarter by moving away from legacy solutions to cloud-native patch management and endpoint hardening? A new report from Sedulo Group says yes. The 2020 TCO Study of Microsoft WSUS &#038… Continue reading What are the benefits of automated, cloud-native patch management?→

Zoom Zero-Day Allows RCE, Patch on the Way

Posted on July 9, 2020 by Tara Seals

Researchers said that the issue is only exploitable on Windows 7 and earlier. Continue reading Zoom Zero-Day Allows RCE, Patch on the Way→

Zoom zero-day flaw allows code execution on victim’s Windows machine

Posted on July 9, 2020 by Zeljka Zorz

A zero-day vulnerability in Zoom for Windows may be exploited by an attacker to execute arbitrary code on a victim’s computer. The attack doesn’t trigger a security warning and can be pulled off by getting the victim to perform a typical ac… Continue reading Zoom zero-day flaw allows code execution on victim’s Windows machine→

Micropatches block exploitation of Windows zero-days under attack

Posted on March 27, 2020 by Zeljka Zorz

While we wait for Microsoft to provide fixes for the two new Windows RCE zero-days that are being exploited in “limited targeted Windows 7 based attacks,” ACROS Security has released micropatches that can prevent remote attackers from explo… Continue reading Micropatches block exploitation of Windows zero-days under attack→

Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles

Posted on February 20, 2020 by John E Dunn

Firefox version 73 has only been out for a week but already Mozilla has had to update it to v73.0.1 to fix a range of browser problems. Continue reading Firefox 73.0.1 fixes crashes, blank web pages and DRM niggles→