The second Tuesday of February brings the monthly security updates from Microsoft. Microsoft Security Updates – February 2022 February is a relatively modest month for Microsoft with just 51 security patches released. Even though none of this month’s vulnerabilities are rated as Critical, there is a trio of remote code execution vulnerabilities. Historically February is […]
February Security Updates Read More »
A new phishing campaign is using CSV files to deliver malware to unsuspecting users who mistakenly think that plain text CSV files are safe to open in Excel. Comma Separated Variable (CSV) files are produced by many applications as a kind of universally compatible report format as they consist of simple text files which contain
How malicious CSV files can deliver malware Read More »
The New Year gets off to a busy start for Microsoft with the first security patch updates resolving over 100 vulnerabilities including six zero-days and one critical flaw identified as wormable. A wormable vulnerability can be exploited with no human intervention allowing malware to move from one computer to another across your network. This flaw
Microsoft January Patch Tuesday Read More »
Customers of Microsoft Exchange Servers and some Honda motor vehicles experienced unusual errors with the turn of the year as software failed to handle the year 2022 when the date rolled over. Microsoft Exchange Server bug The FIP-FS anti-spam and anti-malware service has been enabled by default on all Exchange Servers since Exchange 2013 was
Y2K22 Bugs hit Microsoft and Honda Read More »
Proof of Concept code has been published showing how to exploit two vulnerabilities that would allow an attacker to obtain domain admin privilege on your Windows Domain Controllers. In the November security patch bundle, Microsoft released patches to resolve two vulnerabilities ( CVE-2021-42287 and CVE-2021-42278 ) in the Windows Active Directory Domain Services. On December 12th a proof
Install patches to protect Domain Controllers warns Microsoft Read More »
This week Microsoft released their last monthly security patch bundle for the year, fixing six zero-day vulnerabilities – and many other companies released security updates as well. Microsoft Updates for December This month Microsoft’s security bundle includes fixes for 67 vulnerabilities with six of them classified as zero-day – which means in Microsoft’s terms: that
December Patch Tuesday updates Read More »
This week there have been several exploits published that target recently published (and patched) vulnerabilities in Microsoft Exchange Server and Windows 10/11 systems. Coming just a week after Microsoft published patches for these vulnerabilities, already proof of concept code has been made available on GitHub and threat actors have started targeting the exploits hoping to
Attackers rapidly target Microsoft vulnerabilities Read More »
November’s security updates bring a bundle of important fixes for vulnerabilities in Windows and Android devices Microsoft Patch Tuesday Updates Microsoft’s security update this month fixes 55 security flaws with 6 of them called out as zero-day vulnerabilities. Microsoft classifies a zero-day as a vulnerability that is either under active attack in the wild or
November Security Updates Read More »
At the RSA Conference in 2004, Bill Gates predicted the death of the password. 17 years later Microsoft is finally bringing that prediction to pass with the roll out of passwordless logins for Microsoft 365 services. How does it work, and is it secure? Bill Gates said in 2004: “There is no doubt that over
What is passwordless security? Read More »
Microsoft has released patches for two security vulnerabilities in PowerShell which could allow a malicious script to circumvent the protection offered by Windows Defender Application Control. PowerShell is a cross-platform command-line shell used extensively in the administration of Windows and Azure servers. It is also popular with malicious users due to its power and flexibility
PowerShell Patches security flaws Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.