Microsoft has recently revealed that a KB update in August's Patch Tuesday effectively breaks printing for some organizations by repeatedly requiring admin credentials when printing.
Microsoft has patched a security flaw in the Azure Container Instances services that allowed data to leak across customers using the same clusters. Potentially affected customers have been notified.
A major flaw in Azure Cosmos DB has exposed customer data and given admin access to it for the past couple of years. Microsoft has now patched the issue and asked customers to rotate their keys.
Google Project Zero has disclosed yet another Windows vulnerability that can lead to elevation of privilege. Microsoft had initially stated that it would not resolve it, but is now working on a fix.
"Half-double" is a Rowhammer exploit which grants access to wider memory addresses on newer DRAM chips. Malicious code can potentially take control of the full system through this hardware bypass.
Microsoft has released a new set of security updates for numerous Exchange Server versions following the discovery of certain security flaws. Exchange Online once again contains protections already.
Following multiple delays from Microsoft, Google's Project Zero security team has disclosed yet another high severity security flaw in Windows. If exploited, it can cause elevation of privilege.
Following a botched fix by Qualcomm which caused a new kernel privilege escalation bug, Google Project Zero has publicly disclosed details of a high severity security flaw in the Adreno GPU driver.
The "high" severity security flaw in GitHub publicly disclosed by Google's Project Zero team earlier this month has finally been patched. The security team has validated the fix and closed it.
Google's Project Zero team has disclosed a "high" severity security flaw in GitHub following the latter's inability to provide a fix in the 104 days - which includes a grace period - allotted to it.
A new report has emerged claiming that Microsoft fixed a significant security vulnerability in various versions of Windows, even though a Google-owned service disclosed it to Microsoft in 2018.
Google's Project Zero team has publicly revealed yet another security flaw in Windows which allows elevation of privilege, claiming that Microsoft's fix is incomplete and does not resolve the issue.
Google's Project Zero members have disclosed five security flaws in iOS, four of which have been fixed by Apple in iOS 12.4. However, one of these still hasn't fully been patched yet.
Google's Project Zero has exposed a "high severity" flaw in macOS' kernel XNU - which apparently has issues in its implementation of copy-on-write behavior - after Apple failed to fix it in 90 days.
Apple has issued an apology for the FaceTime bug which allowed you to eavesdrop on others during group calls. An update to squash the bug will be rolled out to the public next week.
New variants of Spectre have been discovered by Microsoft and Google, which allow attackers to read privileged data. While mitigations will be available soon, they will result in a performance hit.
Researchers today warned that a critical flaw in OpenPGP and S/MIME encryption tools could leave your electronic communications at risk, allowing attackers to read encrypted emails in plaintext form.
Despite Microsoft's repeated requests for an extension to the standard 90-day disclosure deadline, Google has gone on to reveal a "medium" severity flaw in systems with UMCI, such as Windows 10 S.
It appears that Control Flow Guard (CFG) in Windows 8.1 and 10 can be bypassed, effectively putting 500 million computers at risk. Microsoft is investigating the issue and should have a fix soon.
Two independent Israeli researchers have found a loophole with Microsoft's digital assistant- Cortana. The assistant can be used by anyone with malicious intent to bypass a locked PC.
After Microsoft's failure to fix a flaw in its Edge browser in the allotted time, Google has publicly disclosed the bug - which allows bypassing Edge's ACG and creating an executable page in memory.
A bug in the Windows 10 Anti-Malware Scan Interface causes the security apparatus to truncate its scans when encountering a null character. The bug was fixed in this month's Patch Tuesday.
A newly discovered Skype bug that can allow an attacker to gain system-level privileges will be left unfixed for now, as Microsoft chooses to instead concentrate on creating a new client altogether.
In its quarterly earnings call for investors, the company vowed that it was working to fix the flaws in its chips, and vowed that its processors due out later this year will be vulnerability-free.
Security researchers are always trying to find ways to break devices or get into their code. If a problem is found, they alert the manufacturer to it can be fixed quietly. Others can be more vocal.
A new flaw discovered in the remote access monitoring AMT technology found in Intel processors can be used to take complete control over a laptop and circumvent all security measures.
The chipmaker is now recommending some of its bigger customers delay the installation of its latest patches aimed at Meltdown and Spectre after reports of unsolicited reboots on some processors.
Following the discovery of three critical flaws in a range of processors, OEMs and OS manufacturers have issued various patches. Microsoft has detailed what performance impact its patches have.
Microsoft recently pushed a security update for its near-dead mobile operating system. The fixes contained are likely aimed at protecting devices against the Meltdown and Spectre CPU vulnerabilities.
At least three class action lawsuits against Intel have been filed in the United States, emanating from recent revelations that processors it released in the last two decades are vulnerable.
Battered by reports of security vulnerabilities in its chips, Intel has started issuing updates for all Intel-based systems to make them immune to Spectre and Meltdown flaws by the end of next week.
With the release of academic papers and a statement by Google, we now have more details about the nature of the exploits plaguing processors from AMD, ARM, and Intel, named Meltdown and Spectre.
A flaw in the way Intel processors handle protected kernel memory is receiving an emergency patch from Microsoft later today. Users in the Windows 10 Fast ring already received the fix earlier.
Google has revealed yet another vulnerability in Windows - because Microsoft failed to fix it correctly - that can reportedly allow locally authenticated attackers to access kernel memory space.
A flaw in Microsoft's Word application was able to be exploited by hackers for months on end. The Redmond giant was in the middle of an in-depth investigation about it when attacks started in January.
A flaw has been uncovered in the Linux kernel that lets hackers easily take control of affected devices. The flaw, called Dirty COW has been around since 2007, but only now is being exploited.
Yesterday's Patch Tuesday saw the launch of a new cumulative update for Windows 10, as well as a number of security patches; they fixed critical flaws that were already being exploited in the wild.
Microsoft's Excel is altering hundreds of scientific papers and destroying work done by scientists, thanks to the way it auto-formats data. But scientists are blaming themselves, not Microsoft.
The flaw in question affects equipment used by cell towers, radios, networks, and of course, our own mobile phones. While there's a patch available, most devices won't ever receive it.
A security researcher has found an exploit-chain that can be used on Android devices with Qualcomm chips to break into the device's disk encryption. This exposes all of the user's data.