Security News? Just a few clicks away

Tag Archives: Microsoft

One month beyond the end of support of Windows XP

It is now a month since the official support from Microsoft has ended for Windows XP. Read here about strategies to move away from it. In the meanwhile, all XP users are getting this message: If you click on the link … Continue reading

Microsoft fixes the Zero-Day exploit for IE 6 to 11, also on Windows XP

We wrote about the new Zero-day vulnerability in the Internet Explorer affects all IE Versions from 6 to 11 which is being exploited in limited and targeted attacks. This vulnerability, identified as CVE-2014-1776, could allow remote code execution even if the user doesn’t click on anything. … Continue reading

Patches for Microsoft and Adobe address several security vulnerabilities

Microsoft and Adobe released this week plenty of patches for their software. Microsoft released as planned the MS13-052 to 058 bulletins which resolve six critical  vulnerabilities in Microsoft software. The most severe vulnerability could allow remote code execution if a user views … Continue reading

Microsoft, Apple, Facebook victims of Java exploits

We wrote several times that when Oracle fixed quickly the security holes in Java, it did not have enough time to address the source of the problem. This can be now seen more clear after big names in the IT … Continue reading

Microsoft fixes the IE zero-day exploit

We have published information about the IE zero-day exploit which affected IE version 6 to 9 on all operating systems on which it is available. Not surprisingly, Microsoft announced today that they have a fix for this problem even before the cumulative patch on … Continue reading

Microsoft patch day brings many security fixes

Microsoft did a good job in August by releasing to customers no less than 9 security bulletins which fix 5 critical security vulnerabilities and 4 important ones. Pretty much everything is affected : – the Windows operating system (XP 32bit … Continue reading

Microsoft revokes certificates used to sign the Flame trojan

Microsoft released Security Advisory 2718704 which revokes some certificated which apparently were used to sign the trojan Flame. In a blog post, Microsoft explains how they discovered that some components of the malware have been signed by certificates that allow software to appear as … Continue reading

Microsoft to automatically upgrade IE, but there is a catch

Microsoft announced that they will start in January to automatically upgrade IE on all supported operating systems. The title of the post in the Microsoft’s Windows Team Blog is quite clear, IE to Start Automatic Upgrades across Windows XP, Windows Vista, and Windows 7, … Continue reading

Microsoft publishes a workaround for Duqu Malware

We have written already about Stuxnet v2 or TR/Duqu and we mentioned that Avira detects it TR/Spy.Duqu.A and  TR/Duqu.A.1. This malware uses a vulnerability in a Microsoft Windows component, the TrueType font parsing engine. The vulnerability is caused when the Windows kernel-mode driver win32k.sys fails … Continue reading

Internet Explorer issues after updates

Microsoft announced in the Security Bulletin MS11-081 published in October that all versions of Internet Explorer (from 6 to 9) on all Windows operating system versions are affected by some vulnerabilities, many of them critical. In the same time, updates were delivered … Continue reading