Microsoft

Pierluigi Paganini August 22, 2025
After SharePoint attacks, Microsoft stops sharing PoC exploit code with China

Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]

Pierluigi Paganini July 21, 2025
SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an […]

Pierluigi Paganini May 02, 2025
Microsoft sets all new accounts passwordless by default

Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against social engineering attacks, phishing, brute-force, and credential stuffing attacks. “As part of this simplified UX, we’re changing the default behavior for new accounts. Brand new Microsoft […]

Pierluigi Paganini February 12, 2025
Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs

Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the wild. Microsoft Patch Tuesday security updates for February 2025 addressed 57 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure, Visual Studio, and Remote Desktop Services. Two of these vulnerabilities are listed as […]

Pierluigi Paganini December 17, 2024
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and Adobe ColdFusion Improper Access Control (CVE-2024-20767) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The […]

Pierluigi Paganini November 13, 2024
Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for November 2024 fixed 89 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; .NET and Visual Studio; LightGBM; Exchange Server; SQL Server; TorchGeo; Hyper-V; and Windows VMSwitch. Four of these […]

Pierluigi Paganini October 09, 2024
U.S. CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Qualcomm this week addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score […]

Pierluigi Paganini September 16, 2024
Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. The vulnerability CVE-2024-43461 is a Windows MSHTML platform spoofing issue. MSHTML is a platform used by Internet Explorer. Although […]

Pierluigi Paganini June 30, 2024
Russia-linked Midnight Blizzard stole email of more Microsoft customers

Microsoft warned more customers about email theft linked to the previously reported Midnight Blizzard hacking campaign. The Russia-linked cyberespionage group Midnight Blizzard continues to target Microsoft users to steal other emails, warn the IT giant. The company is identifying more customers targeted by the Midnight Blizzard hacking campaign following Microsoft’s corporate infrastructure breach. In January, […]

Pierluigi Paganini June 20, 2024
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks.  The researchers demonstrated the bug exploitation to TechCrunch, Kokorin […]