SEARCH
Archive
CISA Orders Agencies to Patch Zerologon Flaw
Federal agencies have until the end of Monday to install fixes for a recently-fixed elevation of privilege vulnerability in Windows which could be used to take control of the entire network, CISA said in an emergency directive.
Wormable Flaw in Windows DNS Server Can Take Over IT Networks
DNS issues are bad news, and SigRed is among the worst: Microsoft fixes a flaw in Windows DNS Server which has a severity rating of 10 and is believed to be wormable.
Microsoft Pulls Buggy UEFI Security Update
Microsoft has removed the Windows security update addressing issues with third-party boot managers after users complained the updates caused their systems to stop working.
Microsoft’s Secured-core PC Takes Aim at Firmware Attacks
Microsoft's Secured-core PC initiative is a partnership with OEM partners (including HP and Dell), silicon vendors (such as Intel, AMD, and Qualcomm) to provide deeply integrated hardware, firmware and software that can withstand firmware-based attacks.
Being on the Latest Windows Version Can Thwart Zero Days
Zero day vulnerabilities exploited in the wild is never good news, but if the user's machine is running the latest version of the operating system, the chances are good that the attack won't be successful against that machine, according to a Microsoft security engineer.