Microsoft Patches Six Zero-Day Security Holes

Credit to Author: BrianKrebs| Date: Tue, 08 Jun 2021 20:53:28 +0000

Microsoft today released another round of security updates for Windows operating systems and supported software, including fixes for six zero-day bugs that malicious hackers already are exploiting in active attacks.

Read more

Microsoft Patch Tuesday, May 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 May 2021 20:28:19 +0000

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser.

Read more

Microsoft Patch Tuesday, April 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Apr 2021 23:12:19 +0000

Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server — the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.

Read more

Warning the World of a Ticking Time Bomb

Credit to Author: BrianKrebs| Date: Tue, 09 Mar 2021 21:04:07 +0000

Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a “web shell” backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim’s other computers. Researchers are now racing to identify, alert and help victims, and hopefully prevent further mayhem.

Read more

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Credit to Author: BrianKrebs| Date: Fri, 05 Mar 2021 21:07:07 +0000

At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.

Read more

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Credit to Author: BrianKrebs| Date: Tue, 02 Mar 2021 21:19:17 +0000

Microsoft Corp. today released software updates to plug four critical security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group.

Read more

Microsoft Patch Tuesday, February 2021 Edition

Credit to Author: BrianKrebs| Date: Tue, 09 Feb 2021 22:37:19 +0000

Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.

Read more

Microsoft Patch Tuesday, January 2021 Edition

Credit to Author: BrianKrebs| Date: Wed, 13 Jan 2021 01:32:20 +0000

Microsoft today released updates to plug more than 80 security holes in its Windows operating systems and other software, including one that is actively being exploited and another which was disclosed prior to today. Ten of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by malware or miscreants to seize remote control over unpatched systems with little or no interaction from Windows users.

Read more