Security News

Microsoft fixes 6 zero-days under active attack
2024-08-13 20:09

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days...

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited
2024-08-13 18:41

Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on...

Microsoft fixes issue that sent PCs into BitLocker recovery
2024-08-13 18:03

Microsoft has fixed a known issue causing some Windows devices to boot into BitLocker recovery after installing last month's Windows security updates. [...]

Microsoft is killing the Windows Paint 3D app after 8 years
2024-08-12 19:18

Microsoft announced that the Paint 3D graphics app will be discontinued later this year and removed from the Microsoft Store in November. [...]

Microsoft shares Outlook workaround for Gmail sign-in issues
2024-08-12 16:55

​​Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from signing in or adding Gmail accounts using classic Outlook. [...]

Microsoft: Windows 11 22H2 reaches end of support in 60 days
2024-08-10 15:27

Microsoft has reminded customers that multiple editions of Windows 11 21H2 and 22H2 will reach the end of servicing in 60 days, on October 8, 2024. [...]

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure
2024-08-10 05:35

Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200, has been described as a spoofing flaw that affects the following versions of Office -.

Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
2024-08-09 18:18

Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution and local privilege escalation. CVE-2024-27459 - A stack overflow vulnerability leading to a Denial-of-service and LPE in Windows.

Microsoft discloses unpatched Office flaw that exposes NTLM hashes
2024-08-09 16:14

​Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. [...]

Microsoft discloses Office zero-day, still working on a patch
2024-08-09 16:14

​Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. [...]