Bleeping Computer

New Windows zero-day exposes NTLM credentials, gets unofficial patch

A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. The flaw was ...

For January, Patch Tuesday starts off with a bang

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day exploits. Ninety-five of the vulnerabilities affect Windows.
Forbes

New Windows 7 And Windows Server 2008 Security Updates Confirmed

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The secret to the continuing availability of security patches ...
CSOonline

November Patch Tuesday: Zero day Windows kernel flaw in servers, controllers, and PCs

Also of importance are a Kerberos vulnerability in Active Directory, a Visual Studio Copilot extension, and a Microsoft Graphics Component issue. A zero day elevation of privilege Windows kernel flaw ...
CSOonline

April Patch Tuesday news: Windows zero day being exploited, ‘big vulnerability’ in 2 SAP apps

A threat actor is exploiting a zero-day elevation of privileges vulnerability in the Windows Common Log File System to deploy ransomware, one of a number of critical holes Microsoft plugged today as ...
Bleeping Computer

New Windows zero-day leaks NTLM hashes, gets unofficial patch

Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows Explorer ...