Malware that uses macros as part of its infection method has been around for more than a decade, and was one of the first major techniques to drive changes at software vendors such as Microsoft. The tactic has been making a comeback of late, and Microsoft is seeing a major spike in the volume of[…]
Browsing Tag: Microsoft
Microsoft announced a two-month bug bounty for its new Project Spartan browser.
The chief privacy officers of Microsoft, Facebook and Google today at RSA Conference discussed how their respective companies want to put more privacy controls in users’ hands.
SAN FRANCISCO–One of the downsides to being a software company with a huge customer base is that your products are going to be prime targets for attackers. But the flip side to that coin is that you’re going to gather a lot of data about vulnerabilities and attacks. Microsoft has been collecting that data for[…]
Dennis Fisher and Mike Mimoso discuss the Windows HTTP.sys vulnerability, Google’s decision to turn off the NPAPI in Chrome and the voting machine security disaster in Virginia.
Public denial-of-service exploits for a critical vulnerability in Microsoft’s implementation of the HTTP protocol stack, HTTP.sys are under way, while remote code execution attacks may still be to come.
Microsoft and Adobe released security bulletins addressing critical vulnerabilities in their respective products.
There is a serious vulnerability in all supported versions of Windows that can allow an attacker who has control of some portion of a victim’s network traffic to steal users’ credentials for valuable services. The bug is related to the way that Windows and other software handles some HTTP requests, and researchers say it affects[…]
A coordinated operation between international police and private technology companies shuts down the Simda botnet.
When it was revealed late last month that a Chinese certificate authority had allowed an intermediate CA to issue unauthorized certificates for some Google domains, both Google and Mozilla reacted quickly and dropped trust in CNNIC altogether, Apple has kept the root certificates in its trusted store for both iOS and OSX. Apple on Wednesday released[…]