Microsoft Defender, AVG, Avast, and more, were found vulnerable to a new zero-day security exploit through which harmless files, even system files, could be deleted using the anti-virus.
Chat becomes Microsoft Teams Free with build 22631.2338 (KB5030305)
windows 11 insider preview promo
Microsoft has implemented a public preview of a mechanism that allows Windows Update for Business customers to expedite the rollout of security updates. It's coming soon for non-security updates too.
Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched.
This week's recap of Microsoft news contains a lot of items related to cybersecurity, botched Windows 11 updates, a leaked OneDrive client, and updates for multiple Office apps and services.
Following in the footsteps of Chrome, Edge has received an update to fix a rather severe 0-day exploit too. This is because the issue affects all browsers based on Chromium, including Edge.
Google has rolled out security updates for Chrome across various channels to fix a handful of issues, including one 0-day exploit. Details of the problem are private for now but it has high severity.
Sophisticated "Alien" spyware is targeting Android users to download "Predator" malware, which can record audio, hide apps, and perform several more nefarious activities. Google has sent out patches.
Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too.
Mozilla has released Firefox v97.0.2. It's an out-of-band security update to patch two "Critical" security flaws that are being exploited in the wild. These 0-Days rely on the 'Use-after-free' bug.
Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat.
Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems.
Valve has now begun fixing a zero-day exploit in Steam that could result in an escalation of privilege attack, after public criticism from the researcher who found it made headlines.
A credible zero-day vulnerability is being auctioned off on criminal websites. The exploit can be used on all versions of Windows including 10 and can even supposedly bypass Microsoft's EMET suite.
Pwn2Own inches closer and closer to having a million dollar event payout as the famed competition continues to grow in popularity and participation.