Microsoft released 14 security bulletins today, six rated critical. Among the fixes is a patch for a Windows kernel zero-day vulnerability disclosed by Google that was being used in attacks by the Sofacy APT gang.
Microsoft extended the end of life deadline on EMET to July 2018, but experts say its usefulness as a mitigation toolkit has been limited for some time.
Two-factor authentication protecting Outlook Web Access and Office 365 portals can be bypassed-and the situation likely cannot be fixed, a researcher has disclosed.
Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.
Google today disclosed the existence of a Windows zero-day vulnerability under attack. The flaw was reported to Microsoft 10 days ago; Microsoft says the disclosure puts users at risk.
Mike Mimoso and Chris Brook recap the news of the week, including the storylines around last week’s Dyn DDoS attack, Keen Team winning big again at Pwn2Own, and a fake Windows installer.
Microsoft released 10 security bulletins on Patch Tuesday that included patches for five zero day vulnerabilities under attack that had not been publicly disclosed until today.