More results...
In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews.
The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek.
Microsoft has released a critical security patch to address a severe remote code execution vulnerability affecting Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, poses an immediate threat to organizations managing Windows u…
Microsoft has rolled out a significant security enhancement to Windows File Explorer, automatically disabling the preview pane for files downloaded from the internet as part of security updates released on and after October 14, 2025. This proactive mea…
CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known Exploi…
Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list.
The post CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities appeared first on SecurityWeek.
The official website for Xubuntu, a community-maintained “flavour” of Ubuntu that ships with the Xfce desktop environment, has been compromised to serve Windows malware instead of the Linux distro. The malicious download Reports about a pot…
A critical security vulnerability in Microsoft Windows Cloud Minifilter has been patched, addressing a race condition that allowed attackers to escalate privileges and create files anywhere on the system. The vulnerability, tracked as CVE-2025-55680, w…
Microsoft’s latest cumulative update for Windows 11, KB5066835, is causing significant disruptions for users, most notably by rendering USB keyboards and mice useless within the Windows Recovery Environment (WinRE). The patch, released on October 14, 2…
Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security patch KB5066835, released on October 14, 2025, for OS Builds 26200.6899 and 26100.6899, h…
A newly discovered flaw in Microsoft’s Rust-based Graphics Device Interface (GDI) kernel component allows unprivileged attackers to crash or take control of Windows systems. Check Point Research (CPR) uncovered the issue in January 2025 and reported it…