web security

In the sprawling maze of web applications, security is often the bedrock that keeps the cyber world from descending into chaos. Yet, when vulnerabilities emerge, it’s essential for all tech-savvy individuals—especially Windows users—to stay informed. Today, we turn our attention to a recent...

In a significant shakeup for enterprise users, Microsoft has officially announced the removal of Defender Application Guard (MDAG) from Windows 11 version 24H2. This feature, primarily used to bolster security within Microsoft Edge by isolating potentially dangerous web content in a virtualized...

In the ever-evolving landscape of web security, vulnerabilities seem to pop up like daisies in spring, and the recent designation of CVE-2024-9121 is no exception. Assigned by the Google Chrome security team, this serious flaw relates specifically to an "inappropriate implementation" within the...

Recently, a vulnerability identified as CVE-2024-5840 has been in the spotlight due to its implications for web security. This vulnerability, reported and assigned by Chrome, poses a significant risk by allowing a policy bypass in Cross-Origin Resource Sharing (CORS) mechanisms. For users of...

In the ever-evolving landscape of web security, vulnerabilities present significant risks to users and organizations alike. One such vulnerability, identified as CVE-2024-6776, represents a use after free bug associated with audio handling in Chromium. This report delineates the specifics...

In a recent development affecting web security, "CVE-2024-6779" has been identified as a critical vulnerability concerning Chromium's V8 JavaScript engine. This security flaw allows for out-of-bounds memory access, which could potentially be exploited by attackers to execute arbitrary code...

In July 2024, a critical vulnerability identified as CVE-2024-6992 was assigned specifically to the Chromium code base, which is at the core of several popular web browsers, including Microsoft Edge. The significance of this vulnerability extends not only to Chrome users but also to millions who...

Hello.., I have seen many websites ask for accepting cookies. What is the purpose of the acceptance of the cookies what will be the impact if don't accept the cookies? Thanks in advance.

I have a Windows 10 S laptop purchased this year. Today I checked the Windows Defender settings - Firewall and Anti-Virus is turned on but Web Protection shows "No Providers". There does not seem to be a provision to select or add any service provision to “defend” the Web. I am thinking that as...

Starting with Microsoft Edge 92, users can preview the Automatic HTTPS feature, which automatically switch your connections to websites from HTTP to HTTPS. As you browse the web, you may notice that the Microsoft Edge address bar displays a “not secure” message for some sites, and a lock icon...

Microsoft Inspire is a chance to connect with, and celebrate, our valued partners all around the world. Today, we are excited to announce that the FastTrack Ready Partner program is expanding to include the Link Removed. Learn more about the program—and additional Microsoft Edge news and...

In two previous blog posts ( part 1 and part 2), we talked about using Semmle QL in C and C++ codebases to find vulnerabilities such as integer overflow, path traversal, and those leading to memory corruption. In this post, we will explore applying Semmle QL to web security by hunting for one of...

:eek:

Every day, the Microsoft Security Response Center (MSRC) receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of...

I was using the Steven Black Hosts File to block malware and Ads. But lately the DNS Client kept activating and using 30 - 50% of my CPU and blocking me from doing anything online. By googling the symptoms of my DNS Client getting stuck like that I found that it can be caused by too large of a...

Wordfence, a security plugin in WordPress, helped a very big, very neglected site get back on its performance and security feet. Continue reading...

Hello, When i log in sites Microsoft Edge he ask me if i want to save the user and password. If i answer "YES", everything OK. If i answer "NO" he never more ask me to save the password. This is a problem for me, because in future i would like to say "YES". How can i configure for every time i...

Malwarebytes has been a really terrific program for me for many years. Lately, it's been acting up and their tech support dept. has not been responsive to their customers. One of the posters on their site said they posted a need for help on Oct 8 and as of this morning -- Oct 13, have not...

I am writing to explain my issue that I installed ssl certificate, then I decided to delete the ssl certificate but after I deleted it I found that my site fails to signing in. The attached error is appear when I try to sign in by any user but the site still working normally if i use it without...

Revision Note: V1.0 (May 9, 2017): Advisory published. Summary: Beginning May 9, 2017, Microsoft released updates to Microsoft Edge and Internet Explorer 11 to block sites that are protected with a SHA-1 certificate from loading and displays an invalid certificate warning. This change will only...