Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster

Hackers are actively exploiting the critical 0-day Follina vulnerability, which Microsoft is in no hurry to fix. Researchers warn that European governments and municipalities in the US have been targeted by a phishing campaign using malicious RTF documents. Let me remind you that the discovery of Follina became known at the end of May, although… Continue reading Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster

Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service

Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service Access to Work or School. The problem is present on devices running Windows 10, version 1809 (and later). The bug is related to a bypass of the information disclosure patch (CVE-2021-24084) released by Microsoft engineers in February this year. This month, cybersecurity researcher… Continue reading Unofficial fixes released for 0-day issue in Windows Mobile Device Management Service

Unofficial patch published for PrintNightmare vulnerability

Last week I talked about a PoC exploit for the dangerous vulnerability CVE-2021-34527 in Windows Print Spooler (spoolsv.exe), which researchers named PrintNightmare, and now an unofficial patch for this problem has been published. When the exploit was published, the researchers found that the patch released in June did not completely fix the problem. Moreover, the… Continue reading Unofficial patch published for PrintNightmare vulnerability