Neowin News Feed for: 0-day

Windows 11, Microsoft Edge, and Exchange hacked at Pwn2Own

Usama Jawad — Fri, 15 May 2026 18:38:01 +0000

Microsoft products and AI apps fell to multiple 0-days at Pwn2Own 2026 as researchers claimed huge cash prizes. Read more...

Microsoft Defender, Avast, AVG turned against Windows to permanently delete files

Sayan Sen — Sun, 11 Dec 2022 18:36:01 +0000

Microsoft Defender, AVG, Avast, and more, were found vulnerable to a new zero-day security exploit through which harmless files, even system files, could be deleted using the anti-virus. Read more...

Microsoft is working on expedited Windows updates for commercial customers

Usama Jawad — Tue, 25 Oct 2022 04:16:01 +0000

Microsoft has implemented a public preview of a mechanism that allows Windows Update for Business customers to expedite the rollout of security updates. It's coming soon for non-security updates too. Read more...

Microsoft stopped an Austrian firm selling spyware enabling unauthorized surveillance

Alap Naik Desai — Wed, 27 Jul 2022 23:00:02 +0000

Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched. Read more...

Microsoft Weekly: Windows 11 updates, leaked OneDrive, and security

Usama Jawad — Sat, 09 Jul 2022 17:16:01 +0000

This week's recap of Microsoft news contains a lot of items related to cybersecurity, botched Windows 11 updates, a leaked OneDrive client, and updates for multiple Office apps and services. Read more...

Following Chrome, Edge gets emergency update for high severity 0-day exploit too

Usama Jawad — Thu, 07 Jul 2022 06:54:01 +0000

Following in the footsteps of Chrome, Edge has received an update to fix a rather severe 0-day exploit too. This is because the issue affects all browsers based on Chromium, including Edge. Read more...

Google Chrome receives emergency security update for 0-day exploit

Usama Jawad — Tue, 05 Jul 2022 06:40:02 +0000

Google has rolled out security updates for Chrome across various channels to fix a handful of issues, including one 0-day exploit. Details of the problem are private for now but it has high severity. Read more...

'Alien' spyware is loading Predator malware on Android devices, warns Google

Alap Naik Desai — Mon, 23 May 2022 16:00:01 +0000

Sophisticated "Alien" spyware is targeting Android users to download "Predator" malware, which can record audio, hide apps, and perform several more nefarious activities. Google has sent out patches. Read more...

Google Project Zero detected record high 0-day exploits in 2021, but it's not all bad news

Usama Jawad — Wed, 20 Apr 2022 07:18:01 +0000

Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too. Read more...

Mozilla Firefox receives out of band update to patch two critical security exploits

Alap Naik Desai — Sat, 05 Mar 2022 23:00:02 +0000

Mozilla has released Firefox v97.0.2. It's an out-of-band security update to patch two "Critical" security flaws that are being exploited in the wild. These 0-Days rely on the 'Use-after-free' bug. Read more...

On-premises Exchange servers are under attack from a state-sponsored group

Usama Jawad — Wed, 03 Mar 2021 13:04:01 +0000

Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat. Read more...

Mozilla pushes Firefox 74.0.1 fixing two zero-day exploits

Paul Hill — Sat, 04 Apr 2020 17:16:01 +0000

Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems. Read more...

Valve fixes zero-day exploit for Steam in latest beta

Muhammad Jarir Kanji — Sat, 10 Aug 2019 06:28:01 +0000

Valve has now begun fixing a zero-day exploit in Steam that could result in an escalation of privilege attack, after public criticism from the researcher who found it made headlines. Read more...

Zero-day Windows vulnerability that can supposedly bypass EMET up for sale for $90,000

Vlad Dudau — Wed, 01 Jun 2016 12:26:01 +0000

A credible zero-day vulnerability is being auctioned off on criminal websites. The exploit can be used on all versions of Windows including 10 and can even supposedly bypass Microsoft's EMET suite. Read more...

Every browser falls at this year's record-setting Pwn2Own

Steven Johns — Sun, 16 Mar 2014 09:20:32 +0000

Pwn2Own inches closer and closer to having a million dollar event payout as the famed competition continues to grow in popularity and participation. Read more...