A serious flaw that’s existed in Microsoft’s Windows DNS Server for as many as 17 years could be abused to acquire Domain Administrator privileges and affect the whole commercial infrastructure behind it. Tracked as CVE-2020-1350 and named SIGRed, the vulnerability is a remote code execution that impacts Windows Server versions Continue Reading
On Tuesday, technology giant Microsoft came up with two out-of-band security updates to fix two flaws in the Microsoft Windows Codecs Library. The two bugs, tracked as CVE-2020-1425 & CVE-2020-1457, only affect Windows 10 and Windows Server 2019 distributions. The software behemoth said the two security vulnerabilities can be abused with the Continue Reading
Tech giant Microsoft has released the first public preview of its commercial antivirus product, Defender Advanced Threat Protection (ATP) for Android. Dubbed “Microsoft Defender ATP for Android,” the product was announced at the RSA security meeting in February this year, and was open to a first public preview on Tuesday. Firms Continue Reading
On Tuesday, one of the flaws that Microsoft highlighted on June 2020 Patch is a Server Message Block (SMB) protocol bug that could let an attacker leak kernel memory remotely, without verification. Dubbed SMBleed and tracked as CVE-2020-1206, the flaw could be chained with SMBGhost (CVE-2020-0796), a fault highlighted in March 2020, to attain pre-authentication remote code Continue Reading
Microsoft’s security department released a string of tweets cautioning organizations to deploy defenses against a new section of ransomware called PonyFinal that has existed over the last two months. A Java-based ransomware that threat actors manually distribute, PonyFinal first emerged in the threat scene earlier this year and perpetrated highly Continue Reading
By