Researchers at HP’s Zero Day Initiative have disclosed full details and proof-of-concept exploit code for a series of bugs they discovered that allow attackers to bypass a key exploit mitigation in Internet Explorer.
Browsing Tag: Microsoft
In the two years since the details of the NSA’s deep penetration of the Internet infrastructure began to emerge, there has been a major movement afoot among Web companies to encrypt more and more of their resources and services. The latest large property to make this move is Reddit, which by the end of the[…]
Microsoft has reclassified the Ask Toolbar as unwanted software, which means its security tools will automatically detect and remove all versions, except for the most recent, from Windows computers.
Dennis Fisher and Mike Mimoso discuss the Duqu 2.0 attack and its ramifications, the addition of HSTS support to Windows 7 and 8.1 and the rest of the news of the week.
Microsoft announced it has added HTTP Strict Transport Security (HSTS) to Internet Explorer 11 on Windows 8.1 and Windows 7, in addition to its native inclusion in Microsoft Edge on Windows 10.
Microsoft released two critical bulletins—eight overall—as part of the June 2015 Microsoft Patch Tuesday security updates. One of the critical bulletins patches 24 vulnerabilities in Internet Explorer.
After several false starts, Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project.
Researchers from Core Security were able to exploit a security vulnerability in Windows’ group policy — MS15-011 — that was patched by Microsoft in February.
Dennis Fisher and Mike Mimoso talk about the VENOM vulnerability, the idea of marketing bugs, Microsoft’s new Edge browser security features and the awesome CSI: Cyber finale.
Microsoft updates its cryptographic cipher suite prioritization in Windows with the addition of four suites that bring Perfect Forward Secrecy to the operating system.