#windows

An arson attack in Colorado had detectives stumped. The way they solved the case could put everyone at risk.

About Remote Code Execution – 7-Zip (BDU:2025-01793) vulnerability. It’s about the fact that files unpacked using 7-Zip don’t get the Mark-of-the-Web. As a result, Windows security mechanisms don’t block the execution of the unpacked malware. If you remember, there was a similar vulnerability in January – CVE-2025-0411. The problem was with running files from the […]

You'd hope that spending $6,000 on a printer would give you a secure experience, free from viruses and other malware. However, in the case of Procolored printers, you'd be wrong.

Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on…

Mozilla Firefox experiments with AI-powered Perplexity Search Engine in its address bar for version 139, signalling a potential…

The beginning of Pwn2Own Berlin 2025, hosted at the OffensiveCon conference, has concluded its first two days with…

A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote…

**How can I verify that the update is installed?** Customers wanting to ensure the client has been updated can run the MDE Client Analyzer on the device. When running the analyzer on a Windows device that does not have the security update, the analyzer will present a warning (ID 121035) indicating missing patch and directing to relevant online article. Additionally, if the update is installed, but the Anti-Spoofing capability is not in a stable state, the analyzer will present warning (ID 121036) indicating an issue and providing additional online guidance or callout to reach out to Microsoft support if issue persists.

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java. This issue affects webdrivermanager: from 1.0.0 before 6.1.0.

Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month's patch batch from Redmond are fixes for two other weaknesses that now have public proof-of-concept exploits available.