The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors begin phasing the two out, and Microsoft on Tuesday said that is now recommending to developers that they deprecate RC4 and stop using the SHA-1 hash algorithm.
Browsing Category: Microsoft
Microsoft today issued eight bulletins addressing 19 separate vulnerabilities in its Windows operating system, Internet Explorer Web browser, Office, and other products.
Microsoft announced today that a patch for the Internet Explorer zero day vulnerability was already set to be included in tomorrow’s Patch Tuesday updates.
Dennis Fisher and Mike Mimoso talk about the major stories from the last couple of weeks, including the changes to the Microsoft bug bounty program, the new Internet bug bounty, the Apple transparency report and a new paper on a weakness in Bitcoin.
Microsoft said today it will not patch a zero-day vulnerability disclosed this week being used in targeted attacks in the Middle East and Asia.
Attackers exploiting the Microsoft Windows and Office zero day revealed yesterday are using an exploit that includes a malicious RAR file as well as a fake Office document as the lure, and are installing a wide variety of malicious components on newly infected systems. The attacks seen thus far are mainly centered in Pakistan.
Microsoft is warning users about targeted attacks against a new vulnerability in several versions of Windows and Office that could allow an attacker to take over a user’s machine. The bug, which is not yet patched, is being used as part of targeted attacks with malicious email attachments, mainly in the Middle East and Asia.[...]
Microsoft is expanding its bug bounty program to open up payments of up to $100,000 to incident response teams and forensics experts who come across active attacks in the wild.
Dennis Fisher talks with Katie Moussouris of Microsoft about her childhood exploits with Commodore 64 programming, ignoring her Barbies, growing up as a hacker, her days as a pen tester and the challenges of working on security at Microsoft.
Microsoft is warning Windows XP users that once the operating system is no longer supported as of next April, their chances of being infected by malware will rise significantly.