Eight months after Microsoft issued a patch for the critical SMBGhost issues over 100,000 systems exposed online are still vulnerable to this attack. In March, Microsoft has addressed the critical SMBGhost vulnerability (CVE-2020-0796) in the Server Message Block (SMB) protocol. “A remote code execution vulnerability exists in the way that the Microsoft Server Message Block […]
Microsoft researchers are warning that threat actors are continuing to actively exploit the ZeroLogon vulnerability in attacks in the wild. Microsoft is warning that threat actors are actively exploiting the ZeroLogon vulnerability in the Netlogon Remote Protocol. The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client […]
Microsoft released two out-of-band security updates to address remote code execution (RCE) bugs in the Microsoft Windows Codecs Library and Visual Studio Code. Microsoft has released two out-of-band security updates to address two remote code execution (RCE) vulnerabilities that affect the Microsoft Windows Codecs Library and Visual Studio Code. The two vulnerabilities, tracked as CVE-2020-17022 and CVE-2020-17023, have been rated […]
Last week, the source code for MS Windows XP and Windows Server 2003 OSs were leaked online, now a developer successfully compiled them. Last week, the source code for Microsoftâs Windows XP and Windows Server 2003 operating systems was published as a torrent file on the bulletin board website 4chan. This is the first time […]
Microsoft released the Project OneFuzz, an open-source fuzzing framework for its cloud computing service Azure. Microsoft this week announced the release of the Project OneFuzz which is an open-source fuzzing framework for its cloud computing service Azure. The project was previously used by the IT giant to find vulnerabilities in the popular service. “Today, weâre […]
Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that address two privilege escalation vulnerabilities in Windows Remote Access. Both vulnerabilities were addressed by Microsoft in August, […]
The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoftâs August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […]
Expert release a PoC exploit code for a recently addressed critical flaw in Microsoft SharePoint, .NET Framework, and Visual Studio. CVE-2020-1147 is a critical vulnerability in .NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The flaw is caused by the lack […]
Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities tracked as CVE-2020-1425 & CVE-2020-1457 that impact Windows 10 […]
Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments, the tech giants are also urging for federal laws to regulate the use […]