News

Patch Tuesday: Microsoft Addresses 137 Vulnerabilities, Including High-Severity SQL Server RCE
Patch Tuesday fixes 137 vulnerabilities, including critical flaws in SQL Server, Netlogon, Office, and the .NET Framework.
The Hacker News6d
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
"Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network," Microsoft said in an advisory. "An attacker could exploit this ...
CSO Online6d
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Heap-based buffer overflow in Windows rated 9.8 in severity and SharePoint RCE flaw also need immediate attention.
The Hacker News47m
Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access
Researchers expose critical flaw in Windows Server 2025’s dMSA, enabling enterprise-wide access and lateral movement across ...
TMCnet2h
Semperis Research Uncovers Critical Flaw in Windows Server 2025 Exposing Managed Service Accounts to Golden dMSA Attack
To help further understanding of how this attack technique works in practice, Semperis Researcher Adi Malyanker built a tool called GoldenDMSA. The tool incorporates the logic of the attack, allowing ...
Windows KB5064489 emergency update fixes Azure VM launch issues
Microsoft has released an emergency update to fix a bug that prevents Azure virtual machines from launching when the Trusted ...
WinBuzzer20h
How Windows 11 Overhauls Security with New ‘Administrator Protection’ Feature
Microsoft has started public testing of 'Administrator Protection' in Windows 11, a new security feature that requires Windows Hello for admin tasks.