Hack Your Own Password — Windows Users Urged To Take Action Now

Windows users can protect themselves from falling victim to ongoing “hack your own password” attacks by doing these three ...
Computerworld

Unpatched DLL bugs let hackers exploit Windows 7 and IE9, says researcher

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today. Microsoft ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...
CRN

Attackers Gearing Up To Exploit Windows Messenger Security Hole

Released earlier this week, the exploit code - which has been crafted to run not only on attackers' Windows machines, but also on Linux and Unix boxes -crashes Windows systems not patched against a ...

Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit

A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager ...
Dark Reading

Novel Exploit Chain Enables Windows UAC Bypass

Researchers have flagged a weakness they're tracking as CVE-2024-6769, calling it a combination user access control (UAC) bypass/privilege escalation vulnerability in Windows. It could allow an ...
Dark Reading

Microsoft Windows DWM Zero-Day Poised for Mass Exploit

A trio of zero-days headline Microsoft's May Patch Tuesday update, which offers a modest spring bouquet of 59 CVEs in total (just a third of last month's downpour of patches for admins to deal with).
InfoWorld

Leaked NSA exploits plant a bull’s-eye on Windows Server

Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS. The ...