Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.
Microsoft has warned Windows users that there is an unpatched zero-day vulnerability in Internet Explorer that is being exploited in targeted attacks.
Hundreds of millions of Windows 10 users are having an important patch rolled out to their computers today after Microsoft was warned by the NSA of a serious security hole in the operating system.
At 11am PST (7pm UK), Microsoft will release its last ever Patch Tuesday updates for Windows 7. After today, Microsoft says it won’t release any more security patches for the ageing operating system.
Currently BlueKeep attacks have been causing computers to crash, and drawing attention to themselves. But that may be about to change… Read more in my article on the Tripwire State of Security blog.
The BlueKeep vulnerability, discovered by the UK’s NCSC, is being exploited at scale in an attempt to install a cryptocurrency miner on unpatched Windows PCs.
Microsoft’s security team warns that the remote code execution vulnerabilities could be abused by malware to spread from computer to computer without requiring any user interaction. Patch your systems now! Read more in my article on the Hot for Security blog.
Two years after the WannaCry ransomware outbreak shone a light on the computer security of the the UK’s National Health Service, and five years after Microsoft said it would no longer release patches for Windows XP, the NHS still has 2,300 PCs running the outdated operating system. Read more in my article on the Tripwire State of Security blog.
US Cyber Command has issued an alert about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook, as concerns are raised of a rise in an Iranian-backed hacking group’s activities. Read more in my article on the Hot for Security blog.
With 180 million active users it’s no wonder that Microsoft Office 365 has caught the attention of online criminals. Read more in my article on the Bitdefender Business Insights blog.
I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world. Prove me wrong. Patch now.
Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
Microsoft is urging computer users to patch their systems now against a critical vulnerability that could be exploited by a fast-moving worm. Read more in my article on the Hot for Security blog.
Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.
Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs. Read more in my article on the Hot for Security blog.
Microsoft says that it had identified that one of its support agents had had their username and password stolen, which allowed hackers to access information stored within users’ email accounts. Read more in my article on the Hot for Security blog.