Windows Themes 0-day opens door to NTLM credential theft
Windows Themes spoofing bug allows NTLM credential theft; Acros Security's 0patch offers a free fix while Microsoft remains silent on a timeline for an official patch.
Understanding VBS Enclaves, Windows' new security technology
Microsoft enhances security through VBS Enclaves, using trusted execution environments to isolate critical processes and protect data from malware.
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
Microsoft's September 2024 Patch Tuesday update addresses 79 vulnerabilities, including three actively exploited flaws requiring immediate attention to security protocols.
Microsoft to host security summit after CrowdStrike disaster
Microsoft is enhancing Windows security measures following a major outage caused by a third-party software update.
The company is convening a summit with cybersecurity experts to address these challenges.
Windows: Insecure by design
Microsoft's security flaws have persisted since the 1990s, with recent high-severity vulnerabilities like CVE-2024-30080 and CVE-2024-30078 raising concerns.
Windows Themes 0-day opens door to NTLM credential theft
Windows Themes spoofing bug allows NTLM credential theft; Acros Security's 0patch offers a free fix while Microsoft remains silent on a timeline for an official patch.
Understanding VBS Enclaves, Windows' new security technology
Microsoft enhances security through VBS Enclaves, using trusted execution environments to isolate critical processes and protect data from malware.
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
Microsoft's September 2024 Patch Tuesday update addresses 79 vulnerabilities, including three actively exploited flaws requiring immediate attention to security protocols.
Microsoft to host security summit after CrowdStrike disaster
Microsoft is enhancing Windows security measures following a major outage caused by a third-party software update.
The company is convening a summit with cybersecurity experts to address these challenges.
Windows: Insecure by design
Microsoft's security flaws have persisted since the 1990s, with recent high-severity vulnerabilities like CVE-2024-30080 and CVE-2024-30078 raising concerns.
Microsoft working on OS update to prevent another IT outage
Microsoft is enhancing Windows security by enabling endpoint solutions to operate outside the kernel to prevent outages.
Microsoft is building new Windows security features to prevent another CrowdStrike
Microsoft plans to help security vendors operate outside of the Windows kernel to improve system resilience and security.
The changes are a response to the CrowdStrike incident that affected 8.5 million systems.
Microsoft will host a security conference after the CrowdStrike shutdown
Microsoft's conference aims to address security vulnerabilities following the CrowdStrike outage, proposing new practices and technologies to enhance system stability.
Microsoft to host CrowdStrike and others to discuss Windows security changes
Microsoft is hosting a summit to enhance Windows security following a CrowdStrike incident that affected 8.5 million devices.
Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver
Cybersecurity researchers discovered the HotPage adware posing as an ad blocker, with the ability to execute arbitrary code on Windows hosts, potentially leading to serious security breaches.
Microsoft working on OS update to prevent another IT outage
Microsoft is enhancing Windows security by enabling endpoint solutions to operate outside the kernel to prevent outages.
Microsoft is building new Windows security features to prevent another CrowdStrike
Microsoft plans to help security vendors operate outside of the Windows kernel to improve system resilience and security.
The changes are a response to the CrowdStrike incident that affected 8.5 million systems.
Microsoft will host a security conference after the CrowdStrike shutdown
Microsoft's conference aims to address security vulnerabilities following the CrowdStrike outage, proposing new practices and technologies to enhance system stability.
Microsoft to host CrowdStrike and others to discuss Windows security changes
Microsoft is hosting a summit to enhance Windows security following a CrowdStrike incident that affected 8.5 million devices.
Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver
Cybersecurity researchers discovered the HotPage adware posing as an ad blocker, with the ability to execute arbitrary code on Windows hosts, potentially leading to serious security breaches.
Windows patches can be forcibly reversed, reopening bugs
Black Hat Techniques demonstrated how security patches on Windows machines can be forcibly removed to exploit fixed vulnerabilities again.
Researcher finds a way to invisibly reverse Windows updates
A Windows downgrade attack leveraging the Windows update process exposes vulnerabilities in key Windows components, allowing manipulation with high impact and difficulty of detection.
Windows patches can be forcibly reversed, reopening bugs
Black Hat Techniques demonstrated how security patches on Windows machines can be forcibly removed to exploit fixed vulnerabilities again.
Researcher finds a way to invisibly reverse Windows updates
A Windows downgrade attack leveraging the Windows update process exposes vulnerabilities in key Windows components, allowing manipulation with high impact and difficulty of detection.
Bad apps bypass Windows alerts for six years using LNK files
Attackers can bypass Windows SmartScreen and Smart App Control using the 'LNK Stomping' technique, nullifying MotW and enabling the execution of malicious apps.
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google Chrome introduces app-bound encryption on Windows for added data protection.
Zero Day Initiative - Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
Escalating privileges through file deletion and symbolic link creation in ESET Smart Security's ekrn.exe service.