Tuesday, March 25, 2025

Micropatches released for SCF File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it

    While patching a SCF File NTLM hash disclosure issue on our security-adopted Windows versions, our researchers discovered a related v...
Friday, March 7, 2025

Micropatches Released for SCF File NTLM Hash Disclosure Vulnerability (No CVE)

  While we're on the subject of NTLM hash leaking vulnerabilities [1] [2] , we found this widely known issue of the same type that was p...
Thursday, February 13, 2025

Analysis of a Flaw in Microsoft's Patch for "copy2pwn" (CVE-2024-38213)

This is a story of a temporarily flawed Microsoft patch. CVE-2024-38213 is a vulnerability that causes files copied from WebDAV shared fold...
Tuesday, February 11, 2025

Micropatches Released for Microsoft Outlook Remote Code Execution Vulnerability (CVE-2025-21357)

January 2025 Windows updates brought a fix for CVE-2025-21357 , a remote code execution vulnerability in Microsoft Outlook. This vulnerabil...
Friday, February 7, 2025

Micropatches Released for Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2024-49019)

November 2024 Windows updates brought a fix for CVE-2024-49019 , a privilege escalation vulnerability allowing, under specific conditions, ...

Micropatches Released for Windows OLE Remote Code Execution (CVE-2025-21298)

    January 2025 Windows updates brought a fix for CVE-2025-21298 , a memory corruption issue in Windows OLE data processing that can be ex...
Tuesday, February 4, 2025

Micropatches Released for Windows Task Scheduler Elevation of Privilege Vulnerability (CVE-2024-49039)

  November 2024 Windows updates brought a fix for CVE-2024-49039 , a local privilege escalation issue allowing low-integrity code running on...