An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature.
Just by accessing a folder containing a malicious SCF file, a user will unwittingly share his computer's login credentials with an attacker via Google Chrome and the SMB protocol.
Following the massive Wana Decrypt0r ransomware outbreak from yesterday afternoon, Microsoft has released an out-of-bound patch for older operating systems to protect them against Wana Decrypt0r's self-spreading mechanism.
In an emergency out-of-band update released late last night, Microsoft fixed a vulnerability in the Microsoft Malware Protection Engine discovered by two Google security experts over the weekend, and which the two described as "crazy bad" and "the worst Windows remote code exec in recent memory."
Two Google security experts have found a severe remote code execution (RCE) bug in the Windows OS, which they've described as "crazy bad."
License keys for Windows 7, 8, and 8.1 can be used to activate a fresh copy of the Windows 10 Creators Update, even if Microsoft has "officially" stopped offering free upgrades to Windows 10 back in the summer of 2016.
Earlier today, Microsoft concluded an investigation which it started yesterday after a mysterious group of hackers known as The Shadow Brokers dumped a trove of Windows exploits online, as part of a plan started last year and aimed at ousting the Equation Group cyber-espionage group as the NSA.
Starting this month, Microsoft has stopped delivering updates for Windows 7 and 8.1 operating systems running on modern processor models, such as Intel 7th Generation (Kaby Lake) and AMD 7th Generation (Bristol Ridge).
Yesterday, Microsoft migrated to a new Patch Tuesday format, which now lists update information via a portal named the Microsoft Security Update Guide, which for the time being, has managed to confuse most sysadmins.
As part of the April 2017 Patch Tuesday, Microsoft released today 61 security updates for products such as its operating systems, browsers, the Office suite, and others.
A few hours ago, Microsoft officially launched the Windows 10 Creators Update, which has slowly started rolling out to a few selected Windows 10 users and will continue to reach new devices in the upcoming weeks.
A mysterious issue is affecting the default Windows NTP server (time.windows.com), according to multiple complaints coming from Reddit and Twitter users.