Microsoft Windows Archives

Microsoft Veeps Ignite Fire Under CrowdStrike

Richi Jennings | November 20, 2024 | CrowdStrike, CrowdStrike Falcon, CrowdStrike incident;, crowdstrike updates, David Weston, ignite, Microsoft, Microsoft security, Microsoft Virus Initiative, Microsoft Windows, Quick Machine Recovery, rust, Safe Deployment Practices, SB Blogwatch, Windows, Windows security

BSODs begone! Redmond business leaders line up to say what’s new in Windows security ...

Security Boulevard

Microsoft Fixes Four 0-Days — One Exploited for SIX YEARS

Richi Jennings | September 11, 2024 | CVE-2024-38014, CVE-2024-38217, CVE-2024-38226, CVE-2024-43491, KB5043083, KB5043936, Mark of the Web, Microsoft, Microsoft Patch Tuesday September 2024, Microsoft Windows, Microsoft Windows Zero Day, Patch Tuesday, SB Blogwatch, Windows, Windows Update

Week B: Bugs begone! This month Redmond fixes 79 security flaws in Windows and other products ...

Security Boulevard

Patch Tuesday not Done ’til LINUX Won’t Run?

Richi Jennings | August 21, 2024 | CVE-2022-2601, Dual boot, GRUB2 Bootloader Secure Boot Bypass, Linux, Microsoft, Microsoft Patch Tuesday August 2024, Microsoft Windows, Patch Tuesday, SB Blogwatch, SBAT, secure boot, Secure Boot Advanced Targeting, Windows

Redmond reboot redux: “Something has gone seriously wrong.” You can say that again, Microsoft ...

Security Boulevard

KC Green’s seminal “This Is Fine” cartoon, where a dog drinks coffee, seemingly oblivious to a fire that’s engulfing the house.

Microsoft Privacy FAIL: Windows 11 Silently Backs Up to OneDrive

Richi Jennings | June 25, 2024 | Microsoft, Microsoft Account Security, Microsoft OneDrive, Microsoft Windows, OneDrive, Privacy, SB Blogwatch, Windows, Windows 11

Copying users’ files and deleting some? Even a cartoon hound knows this isn’t fine ...

Security Boulevard

Microsoft CEO Satya Nadella, with superimposed text: “Daddy needs a new pair of shoes”

Use Windows 10? You Must PAY for Security

Richi Jennings | December 6, 2023 | ESU, Extended Lifecycle Support, Extended Support Updates, Microsoft, Microsoft 365, Microsoft 365 (365), Microsoft patch tuesday, Microsoft Windows, MSFT, Patch Tuesday, SB Blogwatch, Windows 10, Windows Update, Windows updates, Windows10

Micro$oft Window$ E$U: From October 2025, Microsoft will start charging for security updates to Windows 10 ...

Security Boulevard

Rust in Windows — it’s Official — Safe and Fast

Richi Jennings | April 28, 2023 | David Weston, memory safe, memory safe language, Microsoft, Microsoft Windows, rust, SB Blogwatch, Windows

40-year-old code: Starting with ancient, vulnerable legacy, Redmond team is rewriting chunks in the trendy secure language ...

Security Boulevard

Introducing RPC Investigator

Trail of Bits | January 17, 2023 | Engineering Practice, Microsoft Windows, Research Practice

A new tool for Windows RPC research By Aaron LeMasters Trail of Bits is releasing a new tool for exploring RPC clients and servers on Windows. RPC Investigator is a .NET application ...

Trail of Bits Blog

What child is this?

Trail of Bits | December 20, 2022 | Microsoft Windows, Program Analysis

A Primer on Process Reparenting in Windows By Yarden Shafir Process reparenting is a technique used in Microsoft Windows to create a child process under a different parent process than the one ...

Trail of Bits Blog

Broken Windows: ‘Follina’ Flaw not Fixed — For 22 MONTHS

Richi Jennings | June 6, 2022 | 0-click, 0-day, Follina, Microsoft Windows, ms-msdt, rce, SB Blogwatch

A nasty zero-click, zero-day RCE bug remains unpatched in Windows. Dubbed “Follina,” Microsoft’s done diddly-squat about it ...

Security Boulevard

Blocking the Exploitation of PrintNightmare

Virsec Team | August 18, 2021 | application aware protection, application aware workload protection, Cyber Security, Cyber-attack, Microsoft Windows, printers, PrintNightmare vulnerability, runtime protection, vulnerability

Last week, in its Patch Tuesday update, Microsoft Security Response Center released an additional security fix for the series of zero-day vulnerabilities known collectively as “PrintNightmare,” which can be used to break ...

Virsec Blog