Federal agencies have until the end of Monday to install fixes for a recently-fixed elevation of privilege vulnerability in Windows which could be used to take control of the entire network, CISA said in an emergency directive.
DNS issues are bad news, and SigRed is among the worst: Microsoft fixes a flaw in Windows DNS Server which has a severity rating of 10 and is believed to be wormable.
Microsoft has removed the Windows security update addressing issues with third-party boot managers after users complained the updates caused their systems to stop working.
Microsoft's Secured-core PC initiative is a partnership with OEM partners (including HP and Dell), silicon vendors (such as Intel, AMD, and Qualcomm) to provide deeply integrated hardware, firmware and software that can withstand firmware-based attacks.
Zero day vulnerabilities exploited in the wild is never good news, but if the user's machine is running the latest version of the operating system, the chances are good that the attack won't be successful against that machine, according to a Microsoft security engineer.