Microsoft has taken the extraordinary step of providing an emergency update for unsupported Windows XP and Windows 8 machines in the wake of Friday’s WannaCry ransomware outbreak.

The news of the week is discussed, including this week’s Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump’s Cybersecurity EO, and more.

Yesterday’s Patch Tuesday release also included an update to Microsoft’s Internet Explorer and Edge browsers officially ending support for the SHA-1 hash function.

Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows.

Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory.

Microsoft shuts down hackers who hijacked a software updater with fileless, or in-memory, malware attacks.

As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoretical to real.

Nearly two-thirds of servers and PCs peddled on the xDedic underground marketplace belong to schools and universities based in United States.

Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.

Mike Mimoso and Chris Brook discuss the news of the week, including last Friday’s ShadowBrokers dump – how Microsoft learned of the vulnerabilities, how they were patched by Oracle, along with Microsoft ditching passwords, and a new car dongle hack.