Microsoft pushes OOB security updates for Windows Snipping tool flaw
Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability. [...]
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability
On the third day of the Pwn2Own hacking contest, security researchers were awarded $185,000 after demonstrating 5 zero-day exploits targeting Windows 11, Ubuntu Desktop, and the VMware Workstation virtualization software. [...]
Microsoft today published a detailed guide aiming to help customers discover signs of compromise via exploitation of a recently patched Outlook zero-day vulnerability. [...]
Not a headline we expected to write today American cybersecurity officials have released an early-warning system to protect Microsoft cloud users.…
Any app that can improve business operations is quickly added to the SaaS stack. However, employees don't realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk
During the second day of Pwn2Own Vancouver 2023, competitors were awarded $475,000 after successfully exploiting 10 zero-days in multiple products. [...]
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. [...]
Microsoft announced that the new Windows 11 build rolling out to Insiders in the Canary channel comes with increased protection against phishing attacks and support for SHA-3 cryptographic hash functions. [...]
Microsoft is testing an updated version of the Windows 11 Snipping Tool that fixes a recently disclosed 'Acropalypse' privacy flaw that allows the partial restoration of cropped images. [...]
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023
On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model 3. [...]
Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones. Here's how to work around the problem...
Microsoft has released a new Windows 11 preview build that adds a new dedicated USB4 settings page and support for displaying seconds in the system tray clock. [...]
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware
Microsoft has released the optional KB5023773 Preview cumulative update for Windows 10 20H2, Windows 10 21H2, and Windows 10 22H2, with ten fixes for various issues. [...]
Microsoft says the KB5007651 Microsoft Defender Antivirus update triggers Windows Security warnings on Windows 11 systems saying that Local Security Authority (LSA) Protection is off. [...]
A severe privacy flaw named 'acropalypse' has also been found to affect the Windows Snipping Tool, allowing people to partially recover content that was edited out of an image. [...]
And Google Cloud is next Microsoft has torn the wraps off its multi-cloud security benchmark (MCSB), which replaces the four-year-old Azure Security Benchmark. Crucially, as the name suggests, it now has usage and configuration guidance that reaches into rival environments.…
Mozilla has addressed issues causing Firefox to crash on macOS and to freeze with a non-responding blank window when starting on Windows 11 systems. [...]