News
Microsoft Windows software
-
June 11, 2025
11
Jun'25
June Patch Tuesday brings a lighter load for defenders
Barely 70 vulnerabilities make the cut for Microsoft’s monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention
-
May 20, 2025
20
May'25
Build 2025: Microsoft opens up Windows machine learning
Windows machine learning is one of the highlights of this year’s Microsoft annual developer event. The company is also paving the way to multi-agent artificial intelligence in Windows
-
May 13, 2025
13
May'25
May Patch Tuesday brings five exploited zero-days to fix
Microsoft fixes five exploited, and two publicly disclosed, zero-days in the fifth Patch Tuesday update of 2025
-
April 23, 2025
23
Apr'25
Amid uncertainty, Armis becomes newest CVE numbering authority
Amid an uncertain future for vulnerability research, exposure management company Armis has been given the authority to assign CVE IDs to newly discovered vulnerabilities
-
April 04, 2025
04
Apr'25
Microsoft at 50: Enterprise IT for the masses
On 4 April 1975, Paul Allen and Bill Gates formed Microsoft, a company that defined the PC era and opened up computing for all
-
March 11, 2025
11
Mar'25
March Patch Tuesday brings 57 fixes, multiple zero-days
The third Patch Tuesday of 2025 brings fixes for 57 flaws and a hefty number of zero-days
-
February 27, 2025
27
Feb'25
CVE volumes head towards 50,000 in 2025, analysts claim
Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities
-
January 15, 2025
15
Jan'25
Biggest Patch Tuesday in years sees Microsoft address 159 vulnerabilities
The largest Patch Tuesday of the 2020s so far brings fixes for more than 150 CVEs ranging widely in their scope and severity – including eight zero-day flaws
-
December 17, 2024
17
Dec'24
Top 10 end user computing stories of 2024
Here are Computer Weekly’s top 10 end user stories of the year, overlooking the growth of new PC form factors and devices equipped with neural processing units for AI acceleration
-
December 10, 2024
10
Dec'24
Dangerous CLFS and LDAP flaws stand out on Patch Tuesday
Microsoft has fixed over 70 CVEs in its final Patch Tuesday update of the year, and defenders should prioritise a zero-day in the Common Log File System Driver, and another impactful flaw in the Lightweight Directory Access Protocol
-
November 20, 2024
20
Nov'24
Microsoft Ignite: A $4m zero-day reward plus $349 thin client
A $4m cyber hackathon prize was revealed at Ignite as part of Microsoft’s latest IT security efforts, as well as a new locked-down client device called Windows 365 Link
-
November 12, 2024
12
Nov'24
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update
-
October 31, 2024
31
Oct'24
AI becomes Microsoft’s fastest-growing business
Artificial intelligence has delivered $10bn to Microsoft’s bottom line, but the business is not in cloud GPUs for third-party inference engines
-
October 09, 2024
09
Oct'24
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform
-
September 25, 2024
25
Sep'24
CrowdStrike apologises to US government for global mega-outage
CrowdStrike executive Adam Meyers appears before a US government committee to explain the series of errors that led directly to one of the biggest IT outages in history
-
September 23, 2024
23
Sep'24
Microsoft shares progress on Secure Future Initiative
Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture
-
September 11, 2024
11
Sep'24
September Patch Tuesday: Update before 1 October
Four critical remote code execution bugs in Windows and three critical elevated privileges vulnerabilities will keep admins busy
-
August 19, 2024
19
Aug'24
Popular Microsoft apps for Mac at risk of code injection attacks
Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem
-
August 14, 2024
14
Aug'24
August Patch Tuesday proves busy with six zero-days to fix
Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
-
August 07, 2024
07
Aug'24
Microsoft and CrowdStrike hit back at Delta’s legal threats
Microsoft and CrowdStrike have rejected claims by Delta Air Lines that it was left high and dry amid thousands of flight cancellations during July’s software outage, accusing the airline of ignoring their offers of help and running out-of-date IT ...
-
August 05, 2024
05
Aug'24
Chinese cyber attack sparks alert over six-year-old MS vuln
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824
-
August 01, 2024
01
Aug'24
CrowdStrike shareholders sue, alleging false security claims
A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage
-
July 29, 2024
29
Jul'24
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out
-
July 29, 2024
29
Jul'24
CrowdStrike says most Falcon sensors now up and running
The vast majority of CrowdStrike Falcon sensors affected by a coding error have now been recovered, with a final resolution expected this week
-
July 25, 2024
25
Jul'24
Why is CrowdStrike allowed to run in the Windows kernel?
Microsoft has pointed the finger at EU regulators, blaming them for a ruling that means it needs to offer third parties access to the core Windows OS
-
July 24, 2024
24
Jul'24
CrowdStrike blames outage on content configuration update
CrowdStrike publishes the preliminary findings of what will be a lengthy investigation into the root causes of the failed 19 July update that caused Windows computers to crash all over the world
-
July 23, 2024
23
Jul'24
Why did CrowdStrike cause the Windows Blue Screen?
The ‘blue screen of death’ signals a catastrophic Windows failure, which is exactly what many people faced on 19 July 2024 – but why did it happen?
-
July 22, 2024
22
Jul'24
CrowdStrike chaos shows risks of concentrated ‘big IT’
The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous
-
July 19, 2024
19
Jul'24
Global Microsoft outage hits NHS GP IT system
The Emis Web IT system used by more than half of GP practices in the UK is down, following the worldwide Microsoft outage
-
July 19, 2024
19
Jul'24
CrowdStrike security update fails Windows PCs globally
An update to the security firm’s Falcon service has led to many Windows users being unable to work this morning. Microsoft 365 is also affected
-
July 15, 2024
15
Jul'24
Schools hit with cost hike as free Microsoft licences end
The A1 Plus academic licence, which gave teachers and pupils access to the Microsoft productivity suite, stops in August
-
July 09, 2024
09
Jul'24
Hyper-V zero-day stands out on a busy Patch Tuesday
Microsoft has fixed almost 140 vulnerabilities in its latest monthly update, with a Hyper-V zero-day singled out for urgent attention
-
June 13, 2024
13
Jun'24
Black Basta ransomware crew may be exploiting Microsoft zero-day
A Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ransomware gang, threat hunters warn
-
May 30, 2024
30
May'24
The challenges of supporting Copilot+ PCs in the enterprise
Windows PCs generally use x86 compatible hardware, with Intel or AMD processors. Microsoft is now propelling Windows on Arm for AI
-
May 15, 2024
15
May'24
Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday
A critical SharePoint vulnerability warrants attention this month, but it is another flaw that seems to be linked to the infamous Qakbot malware that is drawing attention
-
May 06, 2024
06
May'24
Microsoft beefs up cyber initiative after hard-hitting US report
Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems
-
April 26, 2024
26
Apr'24
Microsoft sees datacentre investments key to AI leadership
Microsoft is reportedly spending between $50 to $100m to build out AI infrastructure
-
April 10, 2024
10
Apr'24
Patch Tuesday: Windows Server 2008 receives emergency security patch
Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users
-
March 12, 2024
12
Mar'24
March Patch Tuesday throws up two critical Hyper-V flaws
Two critical vulnerabilities in Windows Hyper-V stand out on an otherwise unremarkable Patch Tuesday
-
February 29, 2024
29
Feb'24
Windows 11: Not as big a priority in EMEA compared with North America
Survey shows that IT decision-makers are prioritising desktop productivity and PC refreshes this year, with more in the US prioritising spending on PCs and Windows 11 upgrades
-
February 14, 2024
14
Feb'24
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues
-
January 15, 2024
15
Jan'24
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry
-
January 10, 2024
10
Jan'24
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors
-
December 13, 2023
13
Dec'23
Microsoft’s Christmas present for cyber teams: no zero-days
Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023
-
November 15, 2023
15
Nov'23
November Patch Tuesday heralds five new MS zero-days
Microsoft pushes fixes for five new zero-days in its latest monthly update
-
September 13, 2023
13
Sep'23
Storm-0324 gathers over Microsoft Teams
An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks
-
September 13, 2023
13
Sep'23
Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service
September 2023 brings a light Patch Tuesday, with two zero-days and five critical vulnerabilities listed in the latest release
-
September 07, 2023
07
Sep'23
Microsoft finds Storm-0558 exploited crash dump to steal signing key
Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key
-
August 23, 2023
23
Aug'23
Cameyo offers Windows apps delivery on Chrome devices
The company claims access to Windows and Linux apps without the need to install desktop virtualisation infrastructure and VPNs
-
August 09, 2023
09
Aug'23
Microsoft addresses Office vulnerability attacked by Russian spooks in latest update
Microsoft has issued fixes for over 70 vulnerabilities in its August Patch Tuesday drop, including remedies for CVE-2023-36884, which was disclosed without a fix in July and has been the subject of Kremlin-backed cyber attacks