software vulnerability

A chill just swept through the IT department, and it’s not from the air conditioning—Microsoft’s waving the red flag over a critical flaw in Windows 11 version 24H2, prompting the Pakistan Telecommunication Authority (PTA) to blast a security alert reminiscent of a fire drill, minus the free...

Original release date: October 1, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. In light of heightened tensions between the United States and...

Severity Rating: Critical Revision Note: V1.0 (December 13, 2016): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or...

Revision Note: V1.0 (November 30, 2015): Advisory published. Summary: Microsoft is aware of unconstrained digital certificates from Dell Inc. for which the private keys were inadvertently disclosed. One of these unconstrained certificates could be used to issue other certificates, impersonate...

Severity Rating: Important Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update helps to resolve an information disclosure vulnerability in Microsoft Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability an attacker would first have to...

Today, Microsoft is pleased to announce the private preview of Link Removed, a security and threat information exchange platform for analysts and researchers working in cybersecurity. Interflow uses industry specifications to create an automated, machine-readable feed of threat and security...