Microsoft has released an emergency update that plugs a critical zero-day vulnerability (CVE-2015-2426) that affects all supported versions of Windows and could allow attackers to remotely execute code on the victims' computer.
After analyzing the leaked data from last week's attack on Hacking Team, Vectra researchers discovered a previously unknown high severity vulnerability in Internet Explorer 11, which impacts a fully patched IE 11 web browser on both Windows 7 and Windows 8.1.
RiskIQ has discovered that 24 of the top 30 FTSE-listed companies in the UK are running web servers that will be out of support in less than a week, posing a potential security risk to both them and the public.
A Microsoft Office functionality that has been in use since the early 1990s can be exploited to deliver malicious, executable files to users without triggering widely used security software, claims security researcher Kevin Beaumont.
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP Patrick Barker.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.