windows security

Microsoft’s security catalog has recorded CVE-2026-24282 as an out‑of‑bounds read in the Push Message Routing Service that can be abused by an authorized local user to disclose information from process memory, and Microsoft has released updates to address the defect; security teams should treat...

Microsoft shipped an urgent fix on Patch Tuesday for a newly catalogued elevation-of-privilege flaw in the Windows Universal Disk Format File System Driver (UDFS), tracked as CVE-2026-23672, closing a local attack path that could let low‑privilege users escalate to SYSTEM on affected machines...

Microsoft has published an advisory for CVE-2026-23671: a kernel‑level race condition in the Windows Bluetooth RFCOM Protocol Driver that can be abused by a locally authenticated, low‑privilege user to escalate to SYSTEM — and Microsoft’s update guidance indicates fixes were released on March...

Microsoft has published a security advisory for CVE-2026-23669, a high-impact remote code execution vulnerability in the Windows Print Spooler, and released patches on March 10, 2026; the issue is described as a use-after-free in Print Spooler components that can be triggered by specially...

Microsoft’s security tracker has recorded CVE-2026-23667 as an elevation-of-privilege vulnerability in the Windows Broadcast DVR component, and early third‑party aggregators describe the flaw as a use‑after‑free that can be abused by a locally authorized attacker to gain higher privileges on...

AMD has quietly pushed a new universal chipset package that expands official support across its Ryzen generations and — critically for security-minded Windows users — adds explicit CET compatibility for several chipset components, while a follow-up release tightens device support and fixes...

Microsoft has issued a platform-level warning: the Secure Boot certificates first issued around 2011 that underpin Windows’ pre-boot trust model begin expiring in June 2026, and although most updated systems will continue to boot, devices that do not receive the replacement certificate family...

Use Windows Security Protection History to Review, Restore, or Remove Quarantined Files Difficulty: Beginner | Time Required: 5–10 minutes Windows Security (formerly Windows Defender) actively protects your PC by scanning files, blocking threats, and quarantining suspicious items. Occasionally...

Bring Your Own Vulnerable Driver (BYOVD) is no longer a theoretical red-team trick — it has become a practical, high-impact play in real-world intrusions that turns Windows’ own trust model into an offensive asset. Over the past two years operators from commodity ransomware groups to...

Microsoft is moving Windows toward a tighter, more consent-driven security posture — and if you wait until one of your favorite apps breaks, you’ll be reacting under pressure instead of controlling the outcome. The change isn’t a sudden ban on freedom; it’s a multi-year shift that layers...

If your Windows Security app reports that the Windows Security Center service is turned off or missing, Windows will not reliably show your protection status — even when Microsoft Defender or another antivirus is actually running — and that mismatch can hide real problems and leave you exposed...

Security researchers have publicly released a working proof‑of‑concept (PoC) that reliably forces a Windows host into an unrecoverable Blue Screen of Death (BSoD) by abusing a logic bug in the Common Log File System driver (CLFS.sys), tracked as CVE‑2026‑2636 — a locally‑triggerable...

Microsoft has quietly begun a platform-level refresh of the cryptographic anchors that protect Windows’ pre‑boot environment, delivering new Secure Boot certificates through Windows Update and coordinated OEM firmware work to head off a calendar‑driven failure when Microsoft’s original UEFI...

Windows already ships with a surprisingly capable security baseline—Microsoft Defender and SmartScreen together stop a huge volume of commodity threats—but for anyone who treats a fresh install as “configuration in progress,” adding a small set of open‑source tools will materially raise privacy...

Microsoft’s quietly powerful Vulnerable Driver Blocklist now sits among the least flashy — but most consequential — defenses in Windows, preventing known‑weak kernel drivers from loading before they can be abused to escalate privileges, disable security software, or crash systems. m] Background...

Microsoft’s Windows already runs dozens of security checks before a program touches the kernel, but one of the least obvious — and quietly powerful — defenses is the Microsoft Vulnerable Driver Blocklist, a managed list that stops known-weak or malicious drivers from loading and protects the...

A subtle but important security gap in Werkzeug’s path-joining logic has resurfaced: attackers can craft filenames that exploit Windows’ legacy device-name semantics and cause web servers using Werkzeug’s safe_join/send_from_directory helpers to hang. This vulnerability, tracked as...

Microsoft appears to be turning Notepad into something closer to a lightweight Markdown notebook: Windows Latest reports that Microsoft is testing image support in the Windows 11 Notepad app, with the feature integrated into the app’s existing Markdown/formatting experience, and — importantly —...

Installing McAfee on a Windows 11 PC usually takes only minutes — but the real work that prevents most failures happens before you click “Install.” This guide walks you, step-by-step, through a reliable, technician-tested installation process for McAfee on Windows 11 and Windows 10, explains the...

The arrival of a Windows runtime sensor in the cloud-native security arsenal marks a consequential step for organizations operating mixed Linux and Windows estates: Wiz has opened a Public Preview of the Wiz Runtime Sensor for Windows, bringing runtime monitoring, detection, and active response...