News & Events

News tagged "Windows Security"

Cyberscoop – Critical Windows DNS Vulnerability Gives Hackers the ‘Keys to the Kingdom’

Malicious attackers could potentially take over a user’s computer or server due to several critical vulnerabilities in the Windows DNS client. These vulnerabilities affect millions of Windows users and Microsoft has urged anyone using Windows 8 through 10 or enterprises using Windows Server 2012 through 2016 to immediately patch their systems. The Cyberscoop article …

Bishop Fox Discovers Critical Vulnerabilities in Windows DNS Client

CVE-2017-11779 Could Lead to Takeover of User’s Device; Microsoft Releases Patch in Response to Researcher’s Findings PHOENIX, Oct. 10, 2017 — CVE-2017-11779, which addresses several memory corruption vulnerabilities in the Windows DNS client, was released today as part of Microsoft’s October 2017 Patch Tuesday security update. Microsoft has classified this CVE as critical, and anyone …

Advisories

Windows File Time Stamp Display Flaw

Windows file time stamps can be set to extremely low values via the NtSetInformationFile() system call. The Windows API does not properly translate the low 64-bit time values stored on disk into human readable format, and displays no information instead. Although this is not a security vulnerability in itself, it adversely affects third-party applications that rely upon the Windows API to perform the translation.

Metasploit Anti-Forensics Project, Windows Security