Collaborate Disseminate
A dangerous threat has recently been identified by security researchers as the Windows Search service vulnerability. Its alternative name is Bookworm and while it has been reported to Microsoft, the company has not yet patched the issue. All About The…. Continue reading Bookworm Windows Search Service Vulnerability Still Not Patched
Meltdown CPU vulnerability was bad, and Microsoft somehow made the flaw even worse on its Windows 7, allowing any unprivileged, user-level application to read content from and even write data to the operating system’s kernel memory.
For those unaware,… Continue reading Microsoft’s Meltdown Patch Made Windows 7 PCs More Insecure
You have always been warned not to share remote access to your computer with untrusted people for any reason—it’s a basic cybersecurity advice, and common sense, right?
But what if, I say you should not even trust anyone who invites or offer you full … Continue reading Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files
Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now been emerged, which revealed that almost every modern processor since 1995 is vulne… Continue reading Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors
Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON. Continue reading Windows SMB Zero Day to Be Disclosed During DEF CON
As part of this month’s Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007.
Researchers at behavioral fi… Continue reading Critical Flaws Found in Windows NTLM Security Protocol – Patch Now
Google Project Zero’s Tavis Ormandy found another remote code execution vulnerability in the Microsoft Malware Protection Engine, the third since early May. Continue reading Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks.
According to Kafeine, a security researcher at Proo… Continue reading Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit
Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows. Continue reading Emergency Update Patches Zero Day in Microsoft Malware Protection Engine
Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory. Continue reading Wormable Windows Zero Day Reported to Microsoft