Microsoft Releases Patches for 64 Flaws — Two Under Active Attack

It’s time for another batch of “Patch Tuesday” updates from Microsoft.

Microsoft today released its March 2019 software updates to address a total of 64 CVE-listed security vulnerabilities in its Windows operating systems and other products, 17 of whi… Continue reading Microsoft Releases Patches for 64 Flaws — Two Under Active Attack

Windows 10 ‘S Mode’ Coming Soon — For Security and Performance

Microsoft has confirmed that the company is planning to convert Windows 10 S from a dedicated operating system to a special “S Mode” that will be available in all versions of Windows.

Windows 10 S, a new operating system designed for simplicity, secur… Continue reading Windows 10 ‘S Mode’ Coming Soon — For Security and Performance

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

As part of its “October Patch Tuesday,” Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild.

Security upd… Continue reading Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

Windows 10 to Give More Control Over App-level Permissions

Microsoft has been gradually changing its privacy settings in Windows 10 with the Fall Creators Update to give its users more controls over their data.

In April, Microsoft addressed some initial privacy concerns in the Windows 10 Creators Update with simplified data collection levels—Security, Basic, Enhanced, and Full—and eventually revealed its data collection practices.

Now, the software

Continue reading Windows 10 to Give More Control Over App-level Permissions

New GhostHook Attack Bypasses Windows 10 PatchGuard Protections

Vulnerabilities discovered in Microsoft PatchGuard kernel protection could allow hackers to plant rootkits on computers running the company’s latest and secure operating system, Windows 10.

Researchers at CyberArk Labs have developed a new attack tech… Continue reading New GhostHook Attack Bypasses Windows 10 PatchGuard Protections

Fileless UAC Bypass Uses Windows Backup and Restore Utility

Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert. Continue reading Fileless UAC Bypass Uses Windows Backup and Restore Utility

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched.

The company criticized Google’s move, claiming that the disclosure o… Continue reading Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

Microsoft Patches 5 Zero-Day Vulnerabilities Being Exploited in the Wild

Microsoft has released its monthly Patch Tuesday update including a total of 10 security bulletin, and you are required to apply the whole package of patches altogether, whether you like it or not.

That’s because the company is kicking off a controver… Continue reading Microsoft Patches 5 Zero-Day Vulnerabilities Being Exploited in the Wild