Microsoft has stopped development of the Remote Desktop Connection Manager (RDCMan) application after it has been identified as vulnerability. As the name suggests, this application allows remotely connecting to other Windows computers through RDP. Windows Live Experience team developed it for the internal use, but since the late 2000s it has become available to everyone… Continue reading Microsoft stopped RDCMan development due to a bug
Tag: Microsoft
Researchers found about 700 problematic Microsoft subdomains
Vullnerability researchers found about 700 problematic Microsoft subdomains and captured one of them for demonstration. Michel Gaschet, an information security specialist, reported about the problem back in February, and has been informing Microsoft of its many vulnerable subdomains for many years. “The company has thousands of subdomains at its disposal, many of which can be… Continue reading Researchers found about 700 problematic Microsoft subdomains
Hackers scan network for vulnerable Microsoft Exchange servers
Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is related to the operation of the Exchange Control Panel (ECP) component and the inability of Microsoft Exchange to create unique cryptographic keys during installation. “The… Continue reading Hackers scan network for vulnerable Microsoft Exchange servers
FSF sent Microsoft developers an empty HDD for Windows 7 sources
The Free Software Foundation (FSF) sent Microsoft developers an empty HDD, asking company to write the Windows 7 source code. At the end of January 2020, in connection with the termination of support for Windows 7, the Free Software Foundation published an open letter and a petition calling on Microsoft to make Windows 7 free… Continue reading FSF sent Microsoft developers an empty HDD for Windows 7 sources
Microsoft fixed 0-day vulnerability in Internet Explorer and 99 more bugs in its products
Recent February “update Tuesday” became the largest for Microsoft in a long time: within its framework were fixed almost 100 different bugs, including the 0-day vulnerability in Internet Explorer, which was already under attack, and 11 other critical problems. Recall that back in January 2020, Microsoft reported a zero-day vulnerability in Internet Explorer, which the… Continue reading Microsoft fixed 0-day vulnerability in Internet Explorer and 99 more bugs in its products
Free Software Foundation encourages Microsoft to open Windows 7 source code
Admit that are you already tired of the news about Windows 7. Let it finally rest in peace. However, it’s hard to ignore that Microsoft, under pressure of the public opinion, will nevertheless release a patch from a bug that appeared as a result of installing the last “farewell” patch for all Windows 7 users,… Continue reading Free Software Foundation encourages Microsoft to open Windows 7 source code
Windows 7 users will not receive a patch for critical vulnerability in the IE
Microsoft said Windows 7 users would not receive a patch for a critical vulnerability in IE. The fix will be available only to Windows 7 users who paid for extended support. Just a few days after the end of official support for Windows 7, it became known about a critical vulnerability in Internet Explorer, and… Continue reading Windows 7 users will not receive a patch for critical vulnerability in the IE
Windows EFS can help encryptors and make work of antiviruses more difficult
Safebreach Labs reported that attackers could use the Windows Encrypting File System (EFS) for their needs. Windows EFS can help encryptors and make work of antiviruses more difficult. EFS has been part of Windows operating systems since the release of Windows 2000. Unlike full BitLocker encryption, EFS can selectively encrypt individual files or folders. Researchers… Continue reading Windows EFS can help encryptors and make work of antiviruses more difficult
IS specialist introduced a PoC exploit for one of the most dangerous vulnerabilities in Windows
The day after the release of the fix for one of the most dangerous vulnerabilities in the history of Windows, security researcher Saleem Rashid demonstrated how it can be used to present a malicious site as any site on the Internet in terms of cryptography. The talk is about the vulnerability CVE-2020-0601 in the cryptographic… Continue reading IS specialist introduced a PoC exploit for one of the most dangerous vulnerabilities in Windows
Microsoft released farewell updates for Windows 7 and Windows Server 2008
On January 14, 2020, Microsoft stopped supporting Windows 7 for PCs of private users, and at the same time finally finished support of the mobile Windows 10 Mobile (1709), but released a farewell update for these OSs. By tradition, on the last day of support, the developers released the final cumulative update for Windows 7,… Continue reading Microsoft released farewell updates for Windows 7 and Windows Server 2008