Microsoft released the August 2017 Patch Tuesday security bulletin, and this month the company fixed 48 security issues in six of its main product categories.
Security researchers have discovered a new backdoor trojan targeting Windows computers. Named CowelSnail, this malware appears to be the work of the same group who weaponized the SambaCry vulnerability to install cryptocurrency miners on Linux servers last month.
Microsoft plans to remove the classic Windows Paint app from Windows 10 this fall, as part of a large chunk of features the company announced it would deprecate or remove with the release of the Windows 10 Fall Creators Update, set to be launched somewhere in October or November.
Mozilla engineers have decided that starting with Firefox 56 they will silently and forcibly auto-upgrade some users of 32-bit Firefox to 64-bit versions.
Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system.
Two implementations of the Kerberos authentication protocol received patches this week against a vulnerability that allowed a threat actor to bypass authentication procedures.
Microsoft added a password recovery option to the Windows 10 locksreen for users that use a Microsoft account to log into their computer.
Microsoft has worked on adding security protections against two forms of code injection techniques known as process hollowing and atom bombing.
Microsoft's July 2017 Patch Tuesday includes a fix for an issue with the NT LAN Manager (NTLM) Authentication Protocol that can be exploited to allow attackers to create admin accounts on a local network's domain controller (DC).
Microsoft has released updates today for the Windows 10 operating system, as well as for other of the company's products, updates that fix 55 security issues ranging from remote code execution to simple spoofing attacks.
Today at the company's Inspire business conference, Microsoft announced a new service called "Microsoft 365" that bundles together three of its previous standalone services: Office 365, Windows 10, and Enterprise Mobility + Security.
WikiLeaks dumped today the documentation of two CIA hacking tools codenamed BothanSpy and Gyrfalcon, both designed to steal SSH credentials from Windows and Linux systems, respectively.
A new feature added in test snapshots for OpenBSD releases will create a unique kernel every time an OpenBSD user reboots or upgrades his computer.
This fall, Microsoft plans to release a new Windows Defender feature called Controlled Folder Access, which blocks and blacklists unauthorized apps from making changes to files located inside specially-designated folders.
After previously stating it was dropping support for EMET in July 2018, Microsoft announced yesterday plans to embed its vaunted EMET security toolkit in the Windows 10 kernel during the operating system's major update, scheduled for October-November 2017.
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem.
An unknown person has uploaded online over 32TB of Windows 10 internal builds, along with some of the operating system's source code. The data was uploaded on BetaArchive, an Internet forum dedicated to archiving software beta builds so users and developers can track how a project evolved over time.
Security experts have discovered a method of bypassing Windows PatchGuard protections and hooking malicious code into the Windows kernel, which allows an attacker to plant rootkits on systems previously thought to be impregnable.
Windows computers are being targeted with a new cryptocurrency miner that uses an NSA hacking tool to infect users' PCs. Detected under the generic name of Trojan.BtcMine.1259, this trojan was first spotted last week by Russian antivirus vendor Dr.Web.