windows 7 hack | Breaking Cybersecurity News | The Hacker News

A highly mysterious update that was pushed out to Windows machines globally was the result of a test that was not correctly implemented. Yes, Microsoft accidentally released a test patch (KB3877432) to consumer machines running Windows 7, making users believe that the Windows Update service got hacked, and they are infected with malware. However, several hours later, a Microsoft spokesperson clear the air by confirming that the company had " incorrectly published a test update " and that they are "in the process of removing it." Windows users started raising concerns on social media, Microsoft community forums, and news-sharing sites that the Update service has been compromised in some way. The rogue patch, 4.3MB in size , advertised itself as a Windows Language Pack and flagged as an " Important " update, but featured strange and inaccessible URLs and lacked any detailed information. Is My Windows PC Being Compromised? A Wi...

Microsoft has heavily criticized Google and its 90-days security disclosure policy after the firm publicly revealed two zero-day vulnerabilities in Microsoft's Windows 8.1 operating system one after one just days before Microsoft planned to issue a patch to kill the bugs. But, seemingly Google don't give a damn thought. Once again, Google has publicly disclosed a new serious vulnerability in Windows 7 and Windows 8.1 before Microsoft has been able to produce a patch, leaving users of both the operating systems exposed to hackers until next month, when the company plans to deliver a fix. DISCLOSURE OF UNPATCHED BUGS, GOOD OR BAD? Google's tight 90-days disclosure policy seems to be a good move for all software vendors to patch their products before they get exploited by the hackers and cybercriminals. But at the same time, disclosing all critical bugs along with its technical details in the widely used operating system like Windows 7 and 8 doesn't appears to be a righ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...