SEARCH
Archive
Microsoft Fixes Actively Exploited Windows Privilege-Escalation Bug
Meanwhile, two exploited Exchange flaws that publicly emerged two weeks ago were not addressed in Microsoft’s update.
Attackers Exploiting Two Microsoft Exchange Zero Days
Attackers are exploiting two new Microsoft Exchange zero days ( CVE-2022-41040 and CVE-2022-41082) in the wild. Microsoft is working on a patch.
Lazarus Group Affiliate Uses Trojanized Open Source Apps in New Campaigns
Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
Microsoft Fixes Exploited Windows Bug
The vulnerability in the Windows Common Log File system could allow an authenticated attacker to execute code with elevated privileges.
Microsoft Discloses Previously Fixed Azure Synapse Bug
Microsoft quietly fixed the elevation of privilege flaw in June.