Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins.
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others.
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks.
The operators of the Dridex botnet are using the recently disclosed Microsoft Office zero-day to spread a version of their malware, the infamous Dridex banking trojan.
Cyber-security firms McAfee and FireEye have both disclosed in-the-wild attacks with a new Microsoft Office zero-day that allows attackers to silently execute code on targeted machines and secretly install malware.
Microsoft is set to launch the Windows 10 Creators Update next week, on Tuesday, on April 11, at which time we'll have all the official details about the company's next major Windows 10 version. Until then, here's an unofficial changelog.
Microsoft adds Uninstall button for OneDrive. Users no longer have to walk on nails and sacrifice lambs to the Microsoft deity in order to uninstall OneDrive from their PCs.
Microsoft turned a new leaf today and published a list of diagnostics data the company will be collecting from users of Windows 10 Creators Update, scheduled for launch next week, on April 11.
Microsoft will officially release Windows 10 Creators Update on April 11, the same day it will retire Windows Vista, but users unwilling to wait that long can install it starting today, April 5, using the Windows 10 Update Assistant.
A mysterious issue is affecting the default Windows NTP server (time.windows.com), according to multiple complaints coming from Reddit and Twitter users.
A quick round-up of various stories going on in tech right now
Since July 2016, attackers have been using a zero-day in IIS 6.0 to compromise and take over Windows servers. The vulnerability only affects IIS 6.0, which was released in November 2010, and shipped with Windows Server 2003 and Windows XP Professional x64 Edition.
Without making too much fuss about it, Microsoft patched a zero-day vulnerability used in live attacks by a cyber-espionage group named Zirconium. The zero-day, tracked as CVE-2017-0005, affects the Windows Win32k component in the Windows GDI (Graphics Device Interface), included in all Windows OS versions.
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
We're almost two weeks away from Windows Vista's official End of Life (EoL) date, April 11, 2017, more than ten years after Microsoft officially launched Windows, back in January 2007.
Three angry Windows 10 users have filed a lawsuit against Microsoft over botched Windows 10 upgrades, which plaintiffs claim destroyed their data, damaged computers, and incurred lost time and money.
A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn't require special privileges, and the researcher can't figure out if it's a Windows feature or security flaw.
Users of new CPU architectures will not receive Windows 7 and 8.1 updates anymore, according to a Microsoft support topic published last week.
A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning.
Ransomware operators have changed tactics again, making the job of security vendors harder once more, as they switched to a new method of packing their malware inside NSIS installers.