Dennis Fisher and Mike Mimoso discuss the Duqu 2.0 attack and its ramifications, the addition of HSTS support to Windows 7 and 8.1 and the rest of the news of the week.
Browsing Tag: Microsoft
Microsoft announced it has added HTTP Strict Transport Security (HSTS) to Internet Explorer 11 on Windows 8.1 and Windows 7, in addition to its native inclusion in Microsoft Edge on Windows 10.
Microsoft released two critical bulletins—eight overall—as part of the June 2015 Microsoft Patch Tuesday security updates. One of the critical bulletins patches 24 vulnerabilities in Internet Explorer.
After several false starts, Microsoft finally is planning to support SSH in Windows and the company’s engineers also will contribute to the OpenSSH project.
Researchers from Core Security were able to exploit a security vulnerability in Windows’ group policy — MS15-011 — that was patched by Microsoft in February.
Dennis Fisher and Mike Mimoso talk about the VENOM vulnerability, the idea of marketing bugs, Microsoft’s new Edge browser security features and the awesome CSI: Cyber finale.
Microsoft updates its cryptographic cipher suite prioritization in Windows with the addition of four suites that bring Perfect Forward Secrecy to the operating system.
The May 2015 Microsoft Patch Tuesday security updates include 13 bulletins, three of them rated critical for bugs in IE, font drivers and Windows Journal.
For many years now, the browser has been the most dangerous piece of software on most users’ machines. Attackers love to target browsers and a remote code execution bug in a major browser is gold for them. The browser vendors have been making gradual changes to better protect users in recent years, and now Microsoft[…]
Dennis Fisher and Mike Mimoso talk about the end of the Patch Tuesday era for most Microsoft customers, the appeals court ruling on Section 215 metadata collection and Dennis’s idea for a security industry commission.