Security News

Microsoft engineers appear to have manually patched a 17 year-old vulnerability in Office, instead of altering the source code of the vulnerable component, ACROS Security researchers say. read more

How do you fix a program without the source code? You patch the binary directly.

Windows 10 Creators Update can detect reflective Dynamic-Link Library (DLL) loading in a variety of high-risk processes, including browsers and productivity software, Microsoft says. read more

Researchers warn of a Microsoft remote code execution bug that has persisted for 17 years in Office, leaving the OS unprotected until the vulnerability was patched Tuesday.

Microsoft on Tuesday released its November 2017 security updates to resolve 53 vulnerabilities across products, including a security bug that has impacted all versions of its Microsoft Office...

It's Patch Tuesday—time to update your Windows devices. Microsoft has released a large batch of security updates as part of its November Patch Tuesday in order to fix a total of 53 new security...

This month, Microsoft's Patch Tuesday updates tackle fixes for 53 security bugs in Windows, Office, Internet Explorer, Edge, ASP.NET Core, .NET Core, and its Chackra Core browser engine.

Microsoft’s Patch Tuesday updates for November address more than 50 vulnerabilities, including 20 critical flaws affecting the company’s web browsers. read more

A recently disclosed vulnerability that allows an attacker to abuse the quarantine feature of anti-virus products to escalate privileges doesn’t affect Windows Defender, Microsoft says. read more

A team of Microsoft researchers has been working on improving fuzzing techniques by using deep neural networks, and initial tests have shown promising results. read more