endpoint security

Microsoft’s security advisory confirms a use-after-free flaw in the Remote Access Point-to-Point Protocol (PPP) EAP-TLS implementation that can allow an authorized local attacker to elevate privileges on affected Windows systems, and administrators must treat this as a priority patching and...

Microsoft's security update for a Windows File Explorer flaw underscores a long-standing risk vector: trusted UI components that implicitly parse untrusted content. In March 2025 Microsoft disclosed and patched a Windows File Explorer spoofing vulnerability that could cause Explorer to...

A recently published Microsoft advisory warns that CVE-2025-49762 — a race-condition flaw in the Windows Ancillary Function Driver for WinSock (AFD.sys) — can allow a locally authorized attacker to elevate privileges by exploiting concurrent execution using a shared resource with improper...

Title: CVE-2025-49743 — Windows Graphics Component race-condition allows local privilege escalation: what admins need to know and do now Summary What it is: CVE-2025-49743 is an elevation-of-privilege (EoP) vulnerability in the Microsoft Graphics Component caused by a race condition (concurrent...

Microsoft has confirmed that Windows PowerShell 2.0 — the legacy scripting engine first shipped with Windows 7 — will be removed from shipping Windows images as part of the upcoming Windows 11 and Windows Server 2025 releases, a change that closes a long‑running deprecation and removes a known...

Dell’s push into AI-ready PCs — and Haidi Nossair’s argument that this shift is fast becoming a competitive necessity rather than an optional refresh — captures a broader industry inflection where the endpoint is again being recast as strategic infrastructure for the enterprise. The conversation...

A new wave of skepticism is sweeping through the IT security world following revelations by renowned German researchers who have cast serious doubt on the safety of Windows Hello for business use. The much-touted biometric authentication system, a showcase feature in both Windows 10 and Windows...

Hackers showed at Black Hat that Windows Hello for Business can be fooled into accepting an attacker’s face by swapping biometric templates on a compromised PC—an attack that works stunningly fast if the intruder already has local admin privileges. In a live demo, German researchers Tillmann...

A potent wave of ransomware attacks has uncovered a cunning new strategy in cybercrime: hackers are leveraging a legitimate Intel CPU tuning driver to disable Windows 11’s built-in antivirus, leaving systems dangerously exposed. The Akira ransomware, already notorious for its aggressive...

Amid the frenetic pace and crowded exhibition halls of Black Hat 2025, three vendor announcements have emerged as potential game-changers in enterprise security. With the hybrid work era pushing organizations to grapple with unmanaged devices, bring-your-own-device (BYOD) policies, and surging...

Amid an escalating threat landscape where ransomware strikes have become the new norm for organizations across the globe, CrashPlan is positioning itself at the forefront of cyber resiliency and data protection. The acclaimed backup and cyber resiliency authority is set to showcase its latest...

A newly disclosed security flaw in Microsoft Exchange hybrid deployments is triggering urgent action among IT administrators worldwide, as Microsoft warns of a critical vulnerability—CVE-2025-53786—that exposes hybrid environments to stealthy privilege escalation attacks. As organizations...

Major data breaches and relentless ransomware campaigns have elevated cyber resiliency to the top of every IT leader’s priority list, making next-generation data protection solutions more essential than ever. This growing need will take center stage at TechCon 365 Atlanta, as CrashPlan—a...

Microsoft has unveiled its new AI-powered Phishing Triage Agent within Microsoft Defender, now available in public preview, marking a significant evolution in the way organizations approach email threat detection and response. As cyber threats continue to escalate in complexity and volume...

In a significant move poised to refocus how organizations manage data protection within Microsoft 365 environments, Sophos and Rubrik have announced a new, integrated backup and recovery solution explicitly tailored for Microsoft 365 users. This strategic partnership leverages Sophos’ expertise...

A sweeping transformation is underway in how enterprises approach digital continuity and cyber resilience, as Sophos unveils its MDR-optimised Microsoft 365 Backup and Recovery solution powered by Rubrik. In a move hailed by industry leaders as reshaping operational security, the partnership...

A new era of cyber resilience for Microsoft 365 users is unfolding as Rubrik and Sophos join forces to deliver an integrated backup, recovery, and threat response solution within the Sophos Central platform. Their collaboration arms organizations with the offensive and defensive tools needed to...

Making the switch to Windows 11 has been heralded as a leap forward in not only aesthetics and functionality, but also in built-in security—a claim that warrants closer scrutiny. As the world’s most widely used operating system gradually shifts from Windows 10 to Windows 11, users and industry...

As Windows 10 approaches its end of support on October 14, 2025, enterprises worldwide face a critical decision: whether to invest in Extended Security Updates (ESUs) or begin the transition to Windows 11. The urgency behind this choice has intensified as IT teams seek a seamless, secure, and...

The looming end of support for Windows 10 is compelling businesses of all sizes to reassess their workstation strategies, and Microsoft’s Windows Autopatch groups have emerged as a centerpiece for orchestrating the upgrade to Windows 11 at scale. This evolution is more than a technical...