security - WMPoweruser

security

Microsoft launches Zero Trust Deployment Center

1 week

Zero Trust is a networking security management model which assume your internal network is already compromised and works to protect your valuable corporate data despite this. Microsoft explains the Zero Trust security model as suc...

Microsoft release out-of-band update for Windows Codecs library and Visual Studio Code to fix serious vulnerab...

by Surur

1 week

Microsoft has released two out-of-band fixes for Windows Codecs library and Visual Studio Code to address Remote Code Execution vulnerabilities in both platforms. The Windows bug involved the HEVC Windows Codecs library and impact...

Yesterday’s Windows 10 Patch Tuesday fixes a critical “Ping of Death” security flaw

by Surur

2 weeks

With all the excitement of the iPhone 12 launch yesterday’s October Patch Tuesday went mostly unnoticed, but the update delivered a very important fix. Security blog DarkReadings reports that the update fixed 87 vulnerabilit...

Windows Defender can download malicious files and now Windows Update can execute them

by Surur

2 weeks

We reported in September that Windows Defender has added the ability to download files via the command line using the app, e.g. MpCmdRun.exe -DownloadFile -url [url] -path [path_to_save_file] … which could be used to downlo...

Hackers say they cracked Apple’s T2 Secure Enclave chip

by Surur

3 weeks

Apple has long made much of their Secure Enclave Processor in their iPhones and more recently Macbooks’ but today hackers announced an “unpatchable” exploit for the processor which theoretically could give them f...

Google will now name and shame Android OEMs with insecure software

by Surur

3 weeks

Google’s security researchers are expanding the scope of their work, and will now be investigating bugs in the software which ships on the handsets of Android OEMs such as Huawei, ZTE and Samsung. The new program is called t...

Microsoft warns Zerologon is being exploited in the wild

by Surur

1 month

We reported a few days ago on the US Homeland security ordering government network admins to immediately patch their Windows Server 2008 and above (including Windows 10 Server) after the Zerologon vulnerability started spreading...

Homeland Security warns of major Windows Server vulnerability which “requires immediate attention”

by Surur

1 month

US Homeland security is requiring network admins to immediately patch their Windows Server 2008 and above (including Windows 10 Server) after the Zerologon vulnerability started spreading in the wild which can compromise a serve...

HostsFileHijack : Microsoft Defender falsely reports you are infected if you try and block Microsoft telemetry...

by Surur

2 months

Editing your host file is one way to block Microsoft telemetry and Microsoft-delivered ads on Windows, and it turns out Microsoft is not too happy with it. The latest versions of Microsoft Defender for Windows 10 will detect if yo...

Microsoft denies Windows Defender’s new feature is a security risk

by Surur

2 months

We reported two days ago that Windows Defender has added the ability to download files via the command line using the app, e.g. MpCmdRun.exe -DownloadFile -url [url] -path [path_to_save_file] Security researchers expressed concern...

Windows Defender’s new feature worry security researchers

by Surur

2 months

Windows Defender has added a new feature and security researchers are not too happy, as it has increased the attack surface of Windows. Version 4.18.2007.9 or 4.18.2009.9 of the app has added the ability to download files via the ...

Windows 10 devices vulnerable due to new Boothole Secure Boot exploit

by Surur

3 months

A new vulnerability has been discovered in Secure Boot which places a large number of Windows machines at risk. Boothole was discovered by security company Eclypsium, and the flaw in the GRUB2 file in Secure Boot can result in “...