Windows Update Flaws Allow Undetectable Downgrade Attacks

Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
The post Windows Update Flaws Allow Undetectable Downgrade Attacks appeared first on SecurityWeek.
Continue reading Windows Update Flaws Allow Undetectable Downgrade Attacks

BlackLotus bootkit patch may bring “false sense of security”, warns NSA

The NSA has publsihed a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protecting against the threat.

Read more in my article on the Tripwire State of… Continue reading BlackLotus bootkit patch may bring “false sense of security”, warns NSA

Microsoft Patch Tuesday, May 2023 Edition

Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other software, including patches for two zero-day vulnerabilities that are already being exploited in active attacks. Continue reading Microsoft Patch Tuesday, May 2023 Edition