Microsoft has issued an advisory about two 0-day vulnerabilities affecting on-premises installations of Exchange Server. Unfortunately, no fix is available yet but there are a couple of mitigations.
Dev Channel preview lands with VPN status, new Taskbar search, and more
windows 11 insider preview
Windows 11's latest optional update (KB5012643) is causing yet another problem, this time affecting .NET Framework 3.5 apps. Microsoft has released some workarounds but is working on a long-term fix.
Microsoft has patched a security flaw in the Azure Container Instances services that allowed data to leak across customers using the same clusters. Potentially affected customers have been notified.
Microsoft has offered some further mitigations against the highly dangerous PrintNightmare exploit. The company has also given it a CVSS rating of 8.8/10, which almost awards it "critical" severity.
Microsoft has announced that based on the telemetry data it has been observing from 400,000 on-premises Exchange Server IPs, 92% have applied patches to mitigate the ongoing security vulnerabilities.
Microsoft has enabled Defender Antivirus to automatically mitigate a recent vulnerability in on-premises Exchange server instances. This acts only as a temporary workaround to break the attack chain.
Following the discovery of the Meltdown and Spectre vulnerabilities in Intel processors, the resulting fixes for the issue slowed down many PCs. The next feature update to Windows 10 may change that.
New variants of Spectre have been discovered by Microsoft and Google, which allow attackers to read privileged data. While mitigations will be available soon, they will result in a performance hit.
The popular Linux distribution, Ubuntu, will receive patches for the Meltdown and Spectre vulnerabilities by Janurary 9th. Canonical has been hard at work over the holidays crafting a patch.