Twenty years ago, Microsoft introduced the concept of Patch Tuesday to “reduce the burden on IT administrators by adding a level of increased predictability and manageability.” The goal of Patch Tuesday was to provide needed structure around what was largely an ad hoc process. By consolidating the majority of security updates and required patches into a planned release cycle, … [Read more...] about The Impact of Microsoft’s Vulnerability Problem
Microsofts
Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
Feb 01, 2023Ravie LakshmananEnterprise Security / Authentication Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were … [Read more...] about Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts
Microsoft’s Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix for the remote code execution exploit in the Windows Print Spooler service can be bypassed in certain scenarios, effectively defeating the security protections and permitting attackers to … [Read more...] about Microsoft’s Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability