Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. [...]
Microsoft software and cloud platforms underpin enterprise systems, so vulnerabilities and security advisories can affect identity, data, and operations.
Search across headline titles and summaries.
Background for this topic.
Microsoft is a technology company whose Windows, Microsoft 365, Azure, identity services, and developer tools form a widely deployed enterprise computing ecosystem. Its security relevance spans endpoint and server software, cloud control planes, authentication, collaboration data, and the update mechanisms used to maintain them.
Security news under this tag commonly concerns vulnerabilities requiring patching, exploits against exposed services, identity or token compromise, and misconfiguration of cloud permissions or authentication policies. Practitioners should verify affected versions and exposure, apply updates or mitigations, enforce multifactor authentication and least privilege, and monitor relevant audit logs. Incidents involving Microsoft-hosted identities or data may require rapid session and credential containment, investigation across cloud and on-premises systems, and assessment of privacy or regulatory obligations.
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. [...]
Microsoft will soon add native support to Windows 11 for controlling the RGB lighting on computer peripherals, like mice and gaming keyboards. [...]
Microsoft will soon add native controls to Windows 11 for controlling the RGB lighting on computer peripherals, like mice and gaming keyboards. [...]
The authentication bypass used by the Nobelium group, best known for the supply chain attack on SolarWinds, required a massive, real-time investigation to uncover, Microsoft says.
Microsoft announced that it will retire Microsoft Support Diagnostic Tool (MSDT) troubleshooters in future versions of Windows, with MSDT ultimately being removed in 2025. [...]
Microsoft says apps using DirectX are crashing on Windows systems with outdated Intel drivers after installing November 2022 cumulative updates. [...]
Security hardware manufacturer SonicWall warned customers today of what it describes as a "limitation" of the web content filtering (WCF) feature on Windows 11, version 22H2 systems. [...]
Microsoft and Adobe have partnered to integrate the Adobe Acrobat PDF rendering engine directly into the Edge browser, replacing the existing PDF engine. [...]
A flaw in the Money Lover financial app for Android, iOS, and Windows allowed any logged-in member to see the email addresses and live transaction metadata for other users' shared wallets. [...]
A new QBot malware campaign dubbed "QakNote" has been observed in the wild since last week, using malicious Microsoft OneNote' .one' attachments to infect systems with the banking trojan. [...]
For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change.
Microsoft announced on Tuesday a new version of its Bing search engine powered by a next-generation OpenAI language model more powerful than ChatGPT and specially trained for web search. [...]
Microsoft is investigating and working on addressing an ongoing outage affecting the company's Outlook webmail service. [...]
A new hacking campaign exploits Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software. [...]
Microsoft's Digital Threat Analysis Center shared the findings last Friday in a blog post
E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month
An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023
An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware