Articles about microsoft security

The Register breaking news

Microsoft plasters IE8 hole abused in nuke lab PC meltdown

Microsoft has issued a temporary fix for a high-profile Internet Explorer 8 vulnerability. This is the bug linked to recent targeted attacks against web pages accessed by nuclear weapons research teams at the US Department of Labor website. The Fix It, released late on Wednesday, is designed to offer a temporary block against …
John Leyden, 9 May 2013
The Register breaking news

Microsoft bundles BlueHat finalist tech into anti-exploit tool

Microsoft has beefed up one of its anti-exploit tools with technology from a $200K contest finalist. Technology from a BlueHat Prize finalist Ivan Fratric, designed to mitigate attacks that leverage Return Oriented Programming (ROP), has already been incorporated into Redmond's Enhanced Mitigation Experience Toolkit (EMET) 3.5 …
John Leyden, 27 Jul 2012
The Register breaking news

No BEAST fix from Microsoft in December patch batch

Microsoft released 13 security bulletins addressing 19 vulnerabilities overnight, as part of a bumper final Patch Tuesday of the year. Highlight of the baker's dozen is a patch for the the zero-day vulnerability exploited by Duqu (sibling of Stuxnet) worm back in October. Fixing the underlying flaw exploited by Duqu involves …
John Leyden, 14 Dec 2011
The Register breaking news

MS security centre search poisoned with infectious smut

Microsoft has disabled the search results on its Security Centre after malware-spreaders abused the function to promote shady pornographic websites serving Trojans as well as cheap thrills. Only the Security Section of Microsoft's website was affected by the search-engine poisoning attack. Such attacks are often used to place …
John Leyden, 11 Jul 2011
The Register breaking news

Rustock zombies halved as clean-up efforts continue

The zombie machines which formerly powered the infamous Rustock botnet are down to half their original number, according to Microsoft. Redmond ran a successful takedown operation back in March that effectively knocked out Rustock's command and control nodes. That meant that infected PCs were no longer being sent spam templates …
John Leyden, 7 Jul 2011
The Register breaking news

Zero-day backdoors to be left unplugged on Patch Tuesday

Microsoft plans to release two updates – one critical – as part of the next edition of its Patch Tuesday security bulletin cycle on 11 January. The critical vulnerability affects all supported versions of Windows (including Windows 7 and 2008R2) while the less serious fix is particular to a flaw that's restricted to Windows …
John Leyden, 7 Jan 2011
graph up

MS withdraws misfiring Outlook update

Microsoft has withdrawn a recently issued patch for Outlook 2007 following the emergence of conflicts with third-part email accounts. Users who installed the Outlook update (KB2412171), which was published on 14 December, also complained of problems and general sluggishness in moving between email folders or following Calendar …
John Leyden, 22 Dec 2010
The Register breaking news

MS probes mystery IE bug

Microsoft is investigating reports of a new bug in Internet Explorer. Redmond's Security Response Team (MSRT) said on Friday that it was aware of a "publicly disclosed issue involving Internet Explorer", and promised an investigation, without going into details. Circumstantial evidence suggests Microsoft is referring to a …
John Leyden, 6 Sep 2010
The Register breaking news

Spurned security researchers form anti-MS collective

Updated Security researchers irked by how Microsoft responded to Google engineer Tavis Ormany's public disclosure of a zero-day Windows XP Help Center security bug have banded together to form a group called the Microsoft Spurned Researcher Collective*. The group is forming a "union" in the belief that together they will be better …
John Leyden, 6 Jul 2010
The Register breaking news

Zero-day fixes star in biggest ever Patch Tuesday

Microsoft is preparing its biggest ever Patch Tuesday update for next week. The bumper batch of 13 bulletins collectively address 34 security flaws across a wide spectrum of Microsoft products. Eight of the baker's dozen bulletins earn the dread classification of critical, Microsoft's highest severity rating. Two of these …
John Leyden, 9 Oct 2009

Windows recovery loophole lets hackers in

Windows Vista may be Microsoft's most secure operating system to date, but researchers are still finding some glaring loopholes for hackers to exploit. Here is the latest: all you need is a Vista Install DVD to get admin level access to a hard drive. The loophole arises because the Command Prompt tool in Vista's System …
John Leyden, 12 Jun 2007
arrow pointing up

Researchers unpick Vista kernel protection

Security researchers have found a way to subvert the load-up procedure for Windows Vista and bypass its code-signing security checks. Indian researchers Nitin and Vipin Kumar of NV labs have developed a tool called VBoot kit, a custom boot sector loader, which launches from a CD. Once loaded, the tool allows hackers to make …
John Leyden, 4 Apr 2007

Create a news alert about microsoft security, or find more stories about microsoft security.

Biting the hand that feeds IT © 1998–2018