secure windows | Breaking Cybersecurity News | The Hacker News

Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday , Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products. The latest security update addresses 27 critical and 54 important vulnerabilities in severity, of which 38 vulnerabilities are impacting Windows, 39 could lead to Remote Code Execution (RCE). Affected Microsoft products include: Internet Explorer Microsoft Edge Microsoft Windows .NET Framework Skype for Business and Lync Microsoft Exchange Server Microsoft Office, Services and Web Apps Adobe Flash Player .NET 0-Day Flaw Under Active Attack According to the company, four of the patched vulnerabilities are publicly known, one of which has already been actively exploited by the attackers in the wild. Here's the list of publically known flaws and their impact: W...

It seems Microsoft is planning to build its EMET anti-exploit tool into the kernel of Windows 10 Creator Update (also known as RedStone 3), which is expected to release in September/October 2017. So you may not have to separately download and install EMET in the upcoming version of the Windows 10. If true, this would be the second big change Microsoft is making in its Windows 10 Fall update after planning to remove SMBv1 to enhance its users security. EMET or Enhanced Mitigation Experience Toolkit, currently optional, is a free anti-exploit toolkit for Microsoft's Windows operating systems designed to boost the security of your computer against complex threats such as zero-day vulnerabilities. " EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software ," Microsoft site reads. Basically EMET detects and prevents buffer overflows and memory corruption vulnerabilities,...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Security researchers have unearthed a serious security flaw in all supported versions of Windows that could let hackers steal users' credentials from computers, tablets or servers running any version of Windows operating system, including the as-yet-released Windows 10. This vulnerability in Windows was first discovered 20 Years ago : The critical bug, dubbed " Redirect to SMB ," is a variant of a vulnerability found in Windows by researcher Aaron Spangler nearly 18 years ago that caused Windows to expose a user's Windows username and password automatically. However, according to researchers at security firm Cylance who discovered the flaw, this weakness in Windows was never patched by Microsoft, as Microsoft says that this flaw is not worth focusing on, and, therefore... ...This results in a new hack that targets the SMB file sharing protocol . But, What is SMB? SMB, or Server Message Block, is a protocol that allows users to share files o...