Microsoft Exchange Server zero-day

Microsoft: Two New 0-Day Flaws in Exchange Server

Posted on September 30, 2022 by BrianKrebs

Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks. Continue reading Microsoft: Two New 0-Day Flaws in Exchange Server→

Microsoft Patch Tuesday, November 2021 Edition

Posted on November 9, 2021 by BrianKrebs

Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today — potentially giving adversaries a head start in figuring out how to exploit them. Continue reading Microsoft Patch Tuesday, November 2021 Edition→