Security News

Patch Tuesday Microsoft kicked off our summer season with a relatively light June Patch Tuesday, releasing updates for 49 CVE-tagged security flaws in its products - including one bug deemed critical, a fairly terrifying one in wireless networking, and one listed as publicly disclosed. It could allow a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted malicious MSMQ packet to a vulnerable Windows system, such as a Windows Server box.

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw and a RCE vulnerability in Microsoft Outlook. CVE-2024-30080 is a use after free flaw affecting Microsoft Message Queuing and can be exploited by unauthenticated attackers by sending a specially crafted malicious MSMQ packet to a MSMQ server.

Today is Microsoft's June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability. This Patch Tuesday fixed 18 RCE flaws but only one critical vulnerability, a remote code execution vulnerability in Microsoft Message Queuing.

Microsoft is warning about the potential abuse of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain...

Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in. Recall, currently in preview and coming...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The insistent public complaints and proof-of-concept tools have have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes. A few weeks ago, Microsoft presented Copilot+ PCs, a new line of computers powered by Windows 11 and delivering some specific new features.

Following massive customer pushback after it announced the new AI-powered Recall for Copilot+ PCs last month, Microsoft says it will update the feature to be more secure and require customers to opt in to enable it. To further improve the feature's privacy and security, the company will also require users to prove that they're in front of the computer via Windows Hello to enable and use Recall.

Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising...

May 2024 Patch Tuesday was unusual because we had security updates from Adobe, Apple, Google, Mozilla, and Microsoft on the same day. On the Microsoft front, the only Critical update was for Sharepoint Server, but there were important updates for Windows 11 with 41 CVEs addressed and Windows 10 with 47 CVEs addressed.