Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system.
Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures.
Microsoft added a password recovery option to the Windows 10 locksreen for users that use a Microsoft account to log into their computer.
Microsoft has worked on adding security protections against two forms of code injection techniques known as process hollowing and atom bombing.
Microsoft's July 2017 Patch Tuesday includes a fix for an issue with the NT LAN Manager (NTLM) Authentication Protocol that can be exploited to allow attackers to create admin accounts on a local network's domain controller (DC).
Microsoft has released updates today for the Windows 10 operating system, as well as for other of the company's products, updates that fix 55 security issues ranging from remote code execution to simple spoofing attacks.
Today at the company's Inspire business conference, Microsoft announced a new service called "Microsoft 365" that bundles together three of its previous standalone services: Office 365, Windows 10, and Enterprise Mobility + Security.
WikiLeaks dumped today the documentation of two CIA hacking tools codenamed BothanSpy and Gyrfalcon, both designed to steal SSH credentials from Windows and Linux systems, respectively.
A new feature added in test snapshots for OpenBSD releases will create a unique kernel every time an OpenBSD user reboots or upgrades his computer.
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders.
After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017.
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem.