Bad Microsoft Meltdown Patch Made Some Windows Systems Less Secure

Researcher finds Microsoft’s January Patch Tuesday release included a fix for the Intel Meltdown bug, however the update opened up a new vulnerability. Continue reading Bad Microsoft Meltdown Patch Made Some Windows Systems Less Secure

CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows

A critical vulnerability has been discovered in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.

CredSS… Continue reading CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows

Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities

Microsoft’s Patch Tuesday for this month falls the day before the most romantic day of the year.

Yes, it’s Valentine’s, and the tech giant has released its monthly security update for February 2018, addressing a total of 50 CVE-listed vulnerabilities … Continue reading Microsoft Issues Security Patch Update for 14 New Critical Vulnerabilities

Microsoft Releases Patches for 16 Critical Flaws, Including a Zero-Day

If you think that only CPU updates that address this year’s major security flaws—Meltdown and Spectre—are the only ones you are advised to grab immediately, there are a handful of major security flaws that you should pay attention to.

Microsoft has is… Continue reading Microsoft Releases Patches for 16 Critical Flaws, Including a Zero-Day

January Patch Tuesday – Meltdown/Spectre, 16 critical Microsoft patches, 1 Adobe patch

Due to the disclosure of Meltdown and Spectre, Microsoft released several patches last week with the ranking “Important.” While there are no active attacks against these vulnerabilities, a special focus should be placed on any of the browse… Continue reading January Patch Tuesday – Meltdown/Spectre, 16 critical Microsoft patches, 1 Adobe patch

Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

Google’s Project Zero team dubs a new WPAD-related attack as an “aPAColypse Now” that allows a local attacker to compromise a targeted and fully patched Windows 10 PC. Continue reading Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

December Patch Tuesday: Quiet End to the Year

This December Patch Tuesday is considerably lighter than last month’s patch releases.  While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-bas… Continue reading December Patch Tuesday: Quiet End to the Year

Patch Tuesday: Microsoft Releases Update to Fix 53 Vulnerabilities

It’s Patch Tuesday—time to update your Windows devices.

Microsoft has released a large batch of security updates as part of its November Patch Tuesday in order to fix a total of 53 new security vulnerabilities in various Windows products, 19 of which rated as critical, 31 important and 3 moderate.

The vulnerabilities impact the Windows OS, Microsoft Office, Microsoft Edge, Internet Explorer,

Continue reading Patch Tuesday: Microsoft Releases Update to Fix 53 Vulnerabilities

Microsoft Patches 20 Critical Vulnerabilities

This month, Microsoft’s Patch Tuesday updates tackle fixes for 53 security bugs in Windows, Office, Internet Explorer, Edge, ASP.NET Core, .NET Core, and its Chackra Core browser engine. Continue reading Microsoft Patches 20 Critical Vulnerabilities

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

As part of its “October Patch Tuesday,” Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild.

Security upd… Continue reading Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack