Archive for the ‘windows Vulnerability’ Category

Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows

August 13th, 2019
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back

Posted in google, Google Project Zero, hacking news, hacking windows password, microsoft, Vulnerability, windows Vulnerability, Windows zero-day vulnerability | Comments (0)

Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List

July 25th, 2019
Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw. BlueKeep is a highly-critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote

Posted in BlueKeep RDP Flaw, BlueKeep RDP Vulnerability, BlueKeep Vulnerability, botnet malware, cryptocurrency malware, hacking news, Linux botnet, Linux Vulnerability, malware, windows Vulnerability | Comments (0)

Microsoft Releases June 2019 Security Updates to Patch 88 Vulnerabilities

June 11th, 2019
After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products. This month's security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity. The

Posted in cyber security, microsoft, Microsoft Patch Tuesday, windows updates, windows Vulnerability | Comments (0)

Update: Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

May 23rd, 2019
Less than 24 hours after publicly disclosing an unpatched zero-day vulnerability in Windows 10, the anonymous hacker going by online alias "SandboxEscaper" has now dropped new exploits for two more unpatched Microsoft zero-day vulnerabilities. The two new zero-day vulnerabilities affect Microsoft's Windows Error Reporting service and Internet Explorer 11. Just yesterday, while releasing a

Posted in cyber security, hacking news, Internet Explorer, microsoft, sandbox bypass, windows security, windows Vulnerability, Windows zero-day vulnerability, Zero-Day Vulnerability | Comments (0)

Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them

May 7th, 2019
In a shocking revelation, it turns out that a hacking group believed to be sponsored by Chinese intelligence had been using some of the zero-day exploits linked to the NSA's Equation Group almost a year before the mysterious Shadow Brokers group leaked them. According to a new report published by cybersecurity firm Symantec, a Chinese-linked group, which it calls Buckeye, was using the

Posted in APT3, buckeye, DoublePulsar, EternalBlue exploit, EternalRomance, EternalSynergy, nsa hacking tools, The Shadow Brokers, windows exploit, windows Vulnerability, zero-day exploit | Comments (0)

Unpatched vCard Flaw Could Let Attackers Hack Your Windows PCs

January 15th, 2019
A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page (@hyp3rlinx), the vulnerability was reported to the Microsoft security team through Trend Micro's Zero Day Initiative (ZDI) Program over 6

Posted in cyber security, hacking news, vCard exploit, Vulnerability, windows hacking, windows security, windows Vulnerability, Zero-Day Vulnerability | Comments (0)

Hacker Discloses New Windows Zero-Day Exploit On Twitter

October 24th, 2018
A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege

Posted in cybersecurity, hacking news, Microsoft Windows, operating system, windows exploit, windows Vulnerability, Windows zero-day vulnerability, zero-day exploit, Zero-Day Vulnerability | Comments (0)

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

October 9th, 2018
Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products. This month's security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server. Out of 49 flaws

Posted in cybersecurity, microsoft, Microsoft office, Microsoft Patch Update, Microsoft Windows, operating system, Security patch Update, windows Vulnerability | Comments (0)

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now

July 12th, 2017

As part of this month’s Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007.

Researchers at behavioral firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a

Posted in hacking news, Microsoft Windows, privilege escalation, RDP exploit, RDP server hacking, Vulnerability, windows hacking, windows Vulnerability, zero-day exploit | Comments (0)

Windows Atom Tables Can Be Abused for Code Injection Attacks

October 27th, 2016

Attackers can leverage a design weakness in all versions of Windows to carry out code injection attacks that bypass detection by security software.

Posted in atom table, atombombing, Code Injection, Web Security, windows Vulnerability | Comments (0)