Endpoint Security
After more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black...
Hi, what are you looking for?
SecurityWeek
All posts tagged "Windows"
Endpoint Security
Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.
Endpoint Security
With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates.
Vulnerabilities
A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions.
Vulnerabilities
Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.
Vulnerabilities
ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.
Vulnerabilities
Proof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP.
Vulnerabilities
CISA has warned organizations that two vulnerabilities affecting Adobe ColdFusion and Windows have been exploited in the wild.
Nation-State
The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.
Vulnerabilities
The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them.
Vulnerabilities
Microsoft has rolled out mitigations for recently disclosed downgrade attacks targeting the Windows Update process.
Endpoint Security
SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.
Incident Response
CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident.
Vulnerabilities
Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.
Endpoint Security
Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe.
Vulnerabilities
ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows.
Vulnerabilities
Microsoft's security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited...
Disaster Recovery
CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a "confluence" of vulnerabilities and testing gaps.
Incident Response
CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across...
Disaster Recovery
CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.
Threat Intelligence
Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.
Fraud & Identity Theft
Malware & Threats
Vulnerabilities
Nation-State
Management & Strategy
Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency...
Fraud & Identity Theft