Microsoft is planning to disable support for the weak SSLv3 protocol in Internet Explorer at some undetermined point in the future.
Browsing Category: Microsoft
Researchers with Microsoft have spotted a spike in Crowti, a ransomware similar to Cryptolocker that encrypts files on victims’ machines and then asks for payment to unlock them.
The Dyreza Trojan is exploiting the recently disclosed CVE-2014-4114 vulnerability in Windows that was first used by the Sandworm attackers.
A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan[...]
Attackers are using a zero day vulnerability in nearly all supported versions of Windows in a series of targeted attacks.
Microsoft, in 2009, silently fixed a FASTFAT driver flaw in Windows 7, leaving the same vulnerability in older Windows versions until it was patched this week.
One of the not-so-great side effects of the transition to virtually everything being done in the Web browser now is that advertisers, attackers and scammers constantly are trying to get their code to run in users’ browsers, any way they can. A lot of this is done through extensions and browser objects, some of which[...]
Security firms have peeled back the layers on two zero day vulnerabilities that are currently being used in limited, targeted attacks against the Windows Kernel.
Microsoft announced that it has extended support for SHA-2 and TLS in supported versions of Windows.
With details of the new POODLE attack on SSLv3 now public, browser vendors are in the process of planning how they’re going to address the issue in their products in a way that doesn’t break the Internet for millions of users but still provides protection.