Microsoft's Threat Intelligence Center (MSTIC) claims it caught an Austrian company selling spyware called Subzero. The malware relied on zero-day vulnerabilities, which have been patched.
Windows 11 in Release Preview adds urgent notifications bypass and more
windows 11 insider preview
Windows 11 released to Dev Channel and ISO comes with File Explorer tabs
windows 11 promo
Zero-day vulnerability RSS
The infamous Hafnium group which successfully targeted on-premises Microsoft Exchange servers is now going after Windows using Tarrask malware which evades detection by cleaning its activities.
An unofficial patch for a Windows LPE security vulnerability under "CVE-2021-34484" is out, one that was supposedly fixed by Microsoft via its Patch Tuesday updates twice, but apparently not.
A new Local Privilege Escalation bug affecting all prevalent versions of Windows OS has received unofficial patches from 0Patch after Microsoft refused to fix the NTLM authenticating protocol.
Thanks to an as yet undisclosed critical vulnerability in Chrome 96, confirmed to be actively being exploited in the wild, Google is rolling out an update to Chrome 96, which y'all should update to.
This week in Microsoft news, there are new Windows 11 builds for Beta and Dev channels, security patches and zero-day bugs, Halo Infinite's next multiplayer preview news, and much more.
Microsoft has acknowledged that it is investigating a Windows zero-day vulnerability that is currently being exploited in the wild. The firm has provided a workaround that involves AcitveX controls.
Security researchers are reporting that Microsoft's fix for the PrintNightmare vulnerability that rolled out to most Windows versions is ineffective, and can let attackers completely bypass it.
Microsoft has revealed that on-premises Exchange servers are under attack from a state-sponsored group operating from China and utilizing 0-day exploits. Exchange Online is safe from the threat.
Google's Project Zero team has disclosed a zero-day vulnerability in Windows that enables elevated code execution that is currently being exploited. Microsoft is expected to patch the bug next month.
Mozilla has released Firefox 74.0.1 which includes patches for two zero-day vulnerabilities that are actively being exploited in the wild. The vulnerabilities allow hackers to run code on systems.
Google has patched three security bugs on Chrome, one of which is a zero-day vulnerability that is currently being exploited in the wild. The update is out for Windows, Mac, and Linux users.
Vulnerability Lab Security researcher Benjamin Kunz Mejri has revealed a now-fixed zero-day flaw in the Microsoft's service that allowed an attacker to remotely crash the application.
Samsung's Tizen operating system has been found to be riddled with security vulnerabilities that allow for remote-code execution, and for the delivery of malicious code via the OS' app store.
The DoubleAgent attack abuses Microsoft's Application Verifier tool to take full control over your antivirus, a research team from Cybellum has found, by exploiting a new Zero-Day vulnerability.