Dark Reading

Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs

Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products.
Dark Reading

Microsoft Zero-Day Bugs Allow Security Feature Bypass

IT teams should prioritize the patching of two zero-day vulnerabilities, one in Microsoft Outlook's authentication mechanism and another that's a Mark of the Web bypass, security experts said today.
Neowin

Google found ransomware bypassing Microsoft's SmartScreen that was fixed for Patch Tuesday

Google says hackers were delivering the Magniber ransomware by using a flaw in Microsoft's SmartScreen feature. Google informed Microsoft of the issue which was fixed in today's Patch Tuesday release.
Bleeping Computer

Microsoft patches Windows zero-day used to drop ransomware

Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. The attackers used ...
Computer Weekly

Microsoft patches two zero-days for Valentine’s Day

Microsoft has patched two actively exploited zero-day vulnerabilities in its February Patch Tuesday – a pair of security feature bypasses affecting Internet Shortcut Files and Windows SmartScreen ...
Bleeping Computer

Microsoft fixes Windows zero-day exploited in ransomware attacks

Microsoft has patched another zero-day bug used by attackers to circumvent the Windows SmartScreen cloud-based anti-malware service and deploy Magniber ransomware payloads without raising any red ...