Advertisement
Microsoft Coreutils for Windows: Security and Memory Safety Analysis
Microsoft introduces native Linux Coreutils for Windows via Rust. Analyze the security impact, memory safety benefits, and potential living-off-the-land risks.
Microsoft's Zero-Day Disclosure Stance Sparks Industry Debate
Microsoft's legal threats against a researcher for Zero-Day exploit disclosure spark industry backlash, prompting scrutiny of responsible disclosure practices.
CVE-2020-1472: How Attackers Exploit Windows Netlogon RCE — Patch Now
Threat actors are actively exploiting Zerologon (CVE-2020-1472), a critical Windows Netlogon RCE vulnerability that allows for full domain takeover.
Microsoft Condemns Public Zero-Day Disclosures, Advocates CVD
Microsoft reiterates strong support for Coordinated Vulnerability Disclosure, criticizing immediate public zero-day disclosures after a researcher's account removal.
Windows 11 KB5089573: Performance and Reliability Fixes for 24H2/25H2
Microsoft releases KB5089573 preview for Windows 11 24H2 and 25H2, addressing Task Manager bugs, ReFS performance issues, and Sandbox stability errors.
CVE-2026-45659: SharePoint RCE via Deserialization - Patch Now
Microsoft addresses CVE-2026-45659, a high-severity RCE flaw in SharePoint Server caused by untrusted data deserialization. Learn how to mitigate this risk.
YellowKey BitLocker Bypass: Microsoft Mitigates Data Access
Microsoft addresses the 'YellowKey' BitLocker bypass, preventing unauthorized data access via the FsTx Auto Recovery Utility in WinRE. Understand the threat.
YellowKey Zero-Day: Mitigating BitLocker Encryption Bypasses in Windows
Microsoft releases mitigation guidance for the YellowKey zero-day, a Windows BitLocker vulnerability allowing unauthorized access to encrypted data volumes.
Microsoft Disrupts MSaaS Operation Abusing Artifact Signing Service
Microsoft shuts down a malware-signing-as-a-service provider that leveraged fraudulent certificates to bypass security controls for ransomware groups.
Azure Backup for AKS Vulnerability: Risks of Silent Patches
A reported Azure Backup for AKS vulnerability allowed potential cluster compromise. Learn why Microsoft rejected the report and the impact of silent fixes.
Microsoft and Palo Alto Networks Use AI to Identify Dozens of Vulnerabilities
Microsoft and Palo Alto Networks leverage AI-powered tools MDASH and Mythos to identify dozens of critical software vulnerabilities before exploitation.
Microsoft MDASH AI Discovers 16 Windows Vulnerabilities
Microsoft reveals MDASH, a new AI-driven agentic scanning harness that discovered 16 vulnerabilities in Windows, now fixed in recent Patch Tuesday updates.