An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature.
Malware authors have a new UAC bypass technique at their disposal that they can use to install malicious apps on devices running Windows 10.
Microsoft said last week it's fixing the infamous J bug that affected the company's Outlook service for the past seven years, according to a report from last week.
Microsoft's Chief Legal Officer Brad Smith has penned a blog post today, accusing the NSA of stockpiling exploits, failing to protect its hacking tools, and indirectly causing the WannaCry ransomware outbreak.
At the Build conference held yesterday in Seattle, Microsoft announced a new UI for its products, which the company has officially named the "Microsoft Fluent Design Language."
Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information.
Starting yesterday, via updates delivered in the May 2017 Patch Tuesday, Microsoft browsers such as Edge and Internet Explorer, have begun flagging websites as insecure if they use SSL/TLS certificates signed with the SHA-1 algorithm.
A one-liner in the Windows Store policy is the reason why we'll never have the "original" Chrome, Firefox, Opera, or other browsers available through the official Windows Store.
Microsoft's May 2017 Patch Tuesday, released yesterday, included fixes for three zero-days, which according to ESET and FireEye, were used by cyber-espionage groups operating out of Russia.
Earlier today, Microsoft officially released its monthly updates, something that sysadmins all over the world call Patch Tuesday.
In an emergency out-of-band update released late last night, Microsoft fixed a vulnerability in the Microsoft Malware Protection Engine discovered by two Google security experts over the weekend, and which the two described as "crazy bad" and "the worst Windows remote code exec in recent memory."
In one of the weirdest — but equally dangerous — bugs of all time, it appears that Edge will display one set of numbers on the screen, but will send another set of numbers to the printer, effectively replacing content on your documents.