Windows

65% of Windows devices run Windows 7, where 600 vulnerabilities reside

65% of Windows devices run Windows 7, where 600 vulnerabilities reside

By

This seven-year-old version of the software is leaving enterprises open to 600 security vulnerabilities.

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

By

Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.

New version of L0phtCrack makes cracking Windows passwords easier than ever

New version of L0phtCrack makes cracking Windows passwords easier than ever

By

L0phtCrack is back, 19 years old and updated for the first time in six years, version 7 is apparently 500 times faster

Operation Ghoul attacks terrorise industrial and engineering orgs

By

Kaspersky researchers spotted a wave of attacks that has affected more than 130 organisations in at least 30 countries.

Researcher finds Windows flaw that permits fileless UAC bypass

Researcher finds Windows flaw that permits fileless UAC bypass

By

Windows vulnerability would allow hackers to subvert PowerShell to bypass the UAC, leaving no trace of having accessed the system.

Rate of unpatched non-Microsoft programs on the rise in the UK

By

The percentage of unpatched Windows operating systems was on the decline in the second quarter of 2016, leading to an overall decrease in the number of exploitable Windows vulnerabilities.

53% of organisations around the world still use Windows Server 2003

By

Over half (53 percent) of companies have at least one instance of Windows Server 2003 still running even though its end of life (EOL) date passed on 14 July 2015.

Windows zero day devalued as supply and demand takes hold, experts speculate

Windows zero day devalued as supply and demand takes hold, experts speculate

By

Market forces are beginning to have an effect on zero days, evidenced by a new drop in the price of a significant zero-day.

1.5 billion Windows computers potentially affected by unpatched 0-day exploit

1.5 billion Windows computers potentially affected by unpatched 0-day exploit

By

Trustwave has found a zero-day exploit which it said affects all versions of Microsoft's OS Windows, all the way from Windows 2000 up to a fully patched version of Windows 10.

Apple stops patching QuickTime for Windows despite two security flaws

Apple stops patching QuickTime for Windows despite two security flaws

By

The security flaws in the Windows version of Apple's media player, Quicktime will be left open as Apple announces its intention to stop patching it.

Badlock Bug patch issued, fixes MitM and DoS vulnerabilties

Badlock Bug patch issued, fixes MitM and DoS vulnerabilties

By

After several weeks of waiting, the update patching the Badlock bug, potentially impacting Windows and Linux systems, was issued today by Samba.org.

Weak encryption vulnerability in SAP Download Manager leaks passwords

By

A Core Security Consulting researcher found that the SAP Download Manager stores credentials using weak encryption.

New botnet found popping PoS systems

New botnet found popping PoS systems

By

Researchers identify Operation Black Atlas, a new and growing super-adaptable botnet abusing legitimate Windows network functions

Microsoft Trusted Root Certificate Programme to lose trusting in 2016

By

With hopes to provide a more seamless and secure experience of Windows apps, Microsoft will be ridding of the ranks of its Trusted Root Certificate programme.

FireEye discovers two exploits in the wild which use Windows PowerShell scripts

FireEye discovers two exploits in the wild which use Windows PowerShell scripts

By

Researchers at FireEye have found that Windows PowerShell, the command-line tool, is vulnerable to two data leaking attacks.

'Devastating flaws' in Kerberos authentication protocol

'Devastating flaws' in Kerberos authentication protocol

By

Security watchers warn of authentication and authorisation flaws in Windows network environments

Vulnerability found in McAfee, Kaspersky and AVG anti-virus softwares

Vulnerability found in McAfee, Kaspersky and AVG anti-virus softwares

By

Three major anti-virus softwares have been shown to be vulnerable to a large coding vulnerability.

Cash machines in malware risk as embedded Windows XP reaches end of life

Cash machines in malware risk as embedded Windows XP reaches end of life

By

Banks are strictly Lastminute.com when it comes to updating embedded Windows XP operating systems in their ATMs, leaving 65,000 cash cows vulnerable to malware milking.

Win32/CompromisedCert.D is now certifiably Dell-stroyed

Win32/CompromisedCert.D is now certifiably Dell-stroyed

By

Windows Defender has come to the rescue giving users the ability to detect and remove the vulnerable Dell certificates from the certificate root store, as well as the affected binaries that might re-install it.

Windows accelerates SHA-1 deprecation

Windows accelerates SHA-1 deprecation

By

Microsoft is set to bring the date after which its Windows browsers will no longer accept SHA-1 to the middle of next year after new research has shown the cryptographic hash function to be even more vulnerable than previously thought.

Leaked D-Link security key allows hackers to disguise malware as legit

Leaked D-Link security key allows hackers to disguise malware as legit

By

A leak of a major technology company's security key has been discovered, allowing hackers to convince Windows that their malware is legit.

10K vulnerabilities in nearly 2K products, report says

10K vulnerabilities in nearly 2K products, report says

By

Researchers at Secunia detected nearly 10,000 vulnerabilities in nearly 2,000 products, including Oracle Solaris and IBM i5/OS.

Updates to Windows 7 and 8 compile more data

By

Four new updates to Windows 7 and 8 allow Microsoft to collect a variety of usage information.

Half of Patch Tuesday bulletins cover Windows 10

Half of Patch Tuesday bulletins cover Windows 10

By

Half of patch Tuesday fixes cover Windows 10

Windows Server Update Services open to attack

Windows Server Update Services open to attack

By

Hackers could subvert Windows Update to install malware in organisations

ICYMI: Tor rivals, Windows 10 and the cost of an APT

ICYMI: Tor rivals, Windows 10 and the cost of an APT

By

The latest ICYMI column looks at the biggest stories on SC this week, including a 'faster Tor', the security implications of Windows 10 and the actual cost of a real APT.

Malware writers create faulty cross-platform malware

Malware writers create faulty cross-platform malware

By

Malware could infect both Linux and Windows but luckily fails to do anything scary. .

SC Webcasts UK

Sign up to our newsletters

FOLLOW US