Microsoft Windows – Page 10

CISA issues emergency order requiring agencies to patch critical Windows bug

Posted on July 16, 2020 by Sean Lyngaas

The Department of Homeland Security’s cybersecurity division on Thursday ordered federal civilian agencies to apply a security fix for a newly revealed Microsoft Windows vulnerability, citing the “unacceptable significant risk” posed by the flaw to agencies’ security. The emergency order — only the third ever issued by DHS’s Cybersecurity and Infrastructure Security Agency — gave agencies roughly 24 hours to either patch Windows servers used for domain name system purposes or apply another mitigation. Organizations with affected servers that aren’t for DNS have until July 24 to patch. The urgency of the directive is “based on the likelihood of the vulnerability being exploited, the widespread use of the affected software across the federal enterprise, the high potential for a compromise of agency information systems, and the grave impact of a successful compromise,” CISA said in its directive. The agency said it wasn’t aware of any active exploitation of the vulnerability — yet. “[I]t […]

The post CISA issues emergency order requiring agencies to patch critical Windows bug appeared first on CyberScoop.

Continue reading CISA issues emergency order requiring agencies to patch critical Windows bug→

Zero-day flaw found in Zoom for Windows 7

Posted on July 9, 2020 by Sean Lyngaas

A previously unknown flaw in the videoconferencing software Zoom could allow a hacker to remotely commandeer computers running old versions of the Microsoft Windows operating system, security researchers said Thursday. A hacker who successfully exploits the vulnerability could access files on the vulnerable computer, said Mitja Kolsek, chief executive of ACROS Security, the Slovenian cybersecurity firm that highlighted the issue. “If the user is a local administrator, the attacker could completely take over the computer,” Kolsek told CyberScoop. The “zero-day” vulnerability applies to Zoom software running on Windows 7, or even older operating systems. Microsoft has tried to phase technical support out for Windows 7 in an effort to encourage users to upgrade to more secure operating systems. But Windows 7 is still widely used, and some organizations have struggled to move their computers to the latest Windows software en masse. Kolsek said he is holding off on publishing a full […]

The post Zero-day flaw found in Zoom for Windows 7 appeared first on CyberScoop.

Continue reading Zero-day flaw found in Zoom for Windows 7→

Self-Propagating Lucifer Malware Targets Windows Systems

Posted on June 24, 2020 by Lindsey O'Donnell

A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities. Continue reading Self-Propagating Lucifer Malware Targets Windows Systems→

Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update

Posted on June 9, 2020 by Lindsey O'Donnell

The June Patch Tuesday update included CVEs for 11 critical remote code-execution vulnerabilities and concerning SMB bugs. Continue reading Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update→

Mirantis releases its first major update to Docker Enterprise

Posted on May 28, 2020 by Frederic Lardinois

In a surprise move, Mirantis acquired Docker’s Enterprise platform business at the end of last year and while Docker itself is refocusing on developers, Mirantis kept the Docker Enterprise name and product. Today, Mirantis is rolling out its first major update to Docker Enterprise with the release of version 3.1. For the most part, these […] Continue reading Mirantis releases its first major update to Docker Enterprise→

The zero-day exploits of Operation WizardOpium

Posted on May 28, 2020 by Boris Larin

Back in October 2019 we detected a classic watering-hole attack that exploited a chain of Google Chrome and Microsoft Windows zero-days. In this blog post we’d like to take a deep technical dive into the attack. Continue reading The zero-day exploits of Operation WizardOpium→

Gremlin brings chaos engineering to Windows platform

Posted on May 19, 2020 by Ron Miller

Chaos engineering is about helping companies set up worst case scenarios and testing them to see what causes the operating system to fall over, but up until now, it has mostly been for teams running Linux servers. Gremlin, the startup that offers Chaos Engineering as a Service released a new tool to give engineers working […] Continue reading Gremlin brings chaos engineering to Windows platform→

Microsoft makes it easier to get started with Windows Virtual Desktops

Posted on April 30, 2020 by Frederic Lardinois

Microsoft today announced a slew of updates to various parts of its Microsoft 365 ecosystem. A lot of these aren’t all that exciting (though that obviously depends on your level of enthusiasm for products like Microsoft Endpoint Manager), but the overall thrust behind this update is to make life easier for the IT admins that […] Continue reading Microsoft makes it easier to get started with Windows Virtual Desktops→

Report Highlights Microsoft Admin Privilege Risks

Posted on March 30, 2020 by Michael Vizard

A Microsoft Vulnerabilities Report published by BeyondTrust, a provider of privilege access management (PAM) software, serves as a reminder of how more crucial than ever it is to turn off administrative rights now that many employees are working from … Continue reading Report Highlights Microsoft Admin Privilege Risks→

Report Highlights Microsoft Admin Privilege Risks

Posted on March 30, 2020 by Michael Vizard