Each year, as global threats to cybersecurity grow ever more sophisticated, the digital world’s frontline defenders quietly make their impact felt. Microsoft’s Security Response Center (MSRC) has again stepped forward to celebrate those tireless and ingenious individuals by unveiling its list of...
The Microsoft Security Response Center (MSRC) has once again spotlighted excellence and dedication in its 2025 Q2 Security Researcher Leaderboard, reinforcing its status as a linchpin in the global effort to secure Microsoft's vast ecosystem. Each quarter, the security community—comprising...
Visual Studio Code continues to stand at the forefront of code editors, serving millions of developers globally with its flexibility, open-source nature, and strong ecosystem of extensions. However, its popularity and reach make it a prime target for security researchers and threat actors alike...
The recent disclosure of CVE-2025-29837, a Windows Installer information disclosure vulnerability categorized under 'improper link resolution before file access' (also known as 'link following'), brings renewed scrutiny to the mechanisms governing resource management and security within the...
advanced threats
cve-2025-29837
endpoint security
file system security
information disclosure
it infrastructure security
it security best practices
malware prevention
patch management
privilege escalation prevention
securitycommunitysecurity patch updates
security vulnerabilities
symbolic links exploits
symlink attacks
system hardening
temporary directory security
windows installer
windows security
windows system vulnerabilities
For years, Windows Remote Desktop Protocol (RDP) has served as a lifeline for remote IT administration, telework, and seamless cross-location access—widely relied upon by system administrators, enterprises, and everyday power users. But recent revelations indicate that RDP may harbor a...
Gathered in San Francisco on April 28, 2025, a cohort of industry leaders, cybersecurity professionals, and Microsoft leadership convened to recognize the 2025 Microsoft Security Excellence Awards winners—an event underscoring both innovation in cybersecurity and the scale of global...
Today, Microsoft is pleased to announce the private preview of Link Removed, a security and threat information exchange platform for analysts and researchers working in cybersecurity. Interflow uses industry specifications to create an automated, machine-readable feed of threat and security...
One year ago this week we challenged the security community to take an unconventional focus on defensive innovation. We called that challenge the Link Removed due to 404 Error, and tomorrow night, we will award the grand prize of $200,000 to one of the finalists - Jared DeMott, Ivan Fratric, or...