Argentinian security researcher Manuel Caballero has discovered another vulnerability in Microsoft's Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information.
Starting yesterday, via updates delivered in the May 2017 Patch Tuesday, Microsoft browsers such as Edge and Internet Explorer, have begun flagging websites as insecure if they use SSL/TLS certificates signed with the SHA-1 algorithm.
A one-liner in the Windows Store policy is the reason why we'll never have the "original" Chrome, Firefox, Opera, or other browsers available through the official Windows Store.
Microsoft's May 2017 Patch Tuesday, released yesterday, included fixes for three zero-days, which according to ESET and FireEye, were used by cyber-espionage groups operating out of Russia.
Earlier today, Microsoft officially released its monthly updates, something that sysadmins all over the world call Patch Tuesday.
In an emergency out-of-band update released late last night, Microsoft fixed a vulnerability in the Microsoft Malware Protection Engine discovered by two Google security experts over the weekend, and which the two described as "crazy bad" and "the worst Windows remote code exec in recent memory."
In one of the weirdest — but equally dangerous — bugs of all time, it appears that Edge will display one set of numbers on the screen, but will send another set of numbers to the printer, effectively replacing content on your documents.
Two Google security experts have found a severe remote code execution (RCE) bug in the Windows OS, which they've described as "crazy bad."
Windows 10 S users won't be able to change their default browser and search provider away from Microsoft Edge and Bing.
At the MicrosoftEDU Event held today in New York, Microsoft announced Windows 10 S, a version of the Windows 10 operating system that is restricted to running only Windows Store apps.
Microsoft would like Windows 10 users to stand in line in an orderly fashion and wait their turn to update to the Creators Update (CU), the latest major edition of the Windows 10 OS, released on April 11.
Microsoft announced last week that starting October 13, 2020, customers who purchased a copy of a standalone Office product — such as Office 2010, Office 2013, and Office 2016 — will have their access revoked to Skype for Business and OneDrive for Business accounts.
Today, Microsoft pledged itself to a new release schedule for Windows 10, for which the Redmond company promises to release all major features during two update periods, one in March and one in September, each year.
License keys for Windows 7, 8, and 8.1 can be used to activate a fresh copy of the Windows 10 Creators Update, even if Microsoft has "officially" stopped offering free upgrades to Windows 10 back in the summer of 2016.
GitHub user Zeffy has created a patch that removes a limitation that Microsoft imposed on users of 7th generation processors, a limit that prevents users from receiving Windows updates if they still use Windows 7 and 8.1.
Microsoft never shied away from claiming that Edge is a much more secure browser than Chrome. Even some third-party tests have sustained its claims. Nonetheless, there are currently three different issues affecting Edge, which Microsoft might not like you knowing about.
Earlier today, Microsoft concluded an investigation which it started yesterday after a mysterious group of hackers known as The Shadow Brokers dumped a trove of Windows exploits online, as part of a plan started last year and aimed at ousting the Equation Group cyber-espionage group as the NSA.
Starting this month, Microsoft has stopped delivering updates for Windows 7 and 8.1 operating systems running on modern processor models, such as Intel 7th Generation (Kaby Lake) and AMD 7th Generation (Bristol Ridge).
The saga of CVE-2017-0199, a recently patched zero-day vulnerability affecting Microsoft Office and WordPad, just got a little stranger yesterday after cyber-security firm FireEye revealed the vulnerability was used by both cyber-criminals pushing mundane malware, and also by state-sponsored cyber-espionage groups.
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins.