Microsoft is introducing a new security feature in Exchange Server designed to protect against security threats that have known mitigations. According to the company, the Emergency Mitigation feature is a built-in version of the Exchange On-premises Mitigation Tool (EOMT) that works with the cloud-based Office Config Service (OCS) to provide protection against known threats. It’s […]
Microsoft is warning of a new zero-day vulnerability in Windows MSHTML that allows attackers to perform remote code execution via a malicious ActiveX control and a Microsoft Office document. Microsoft and CISA issued warnings about the vulnerability this week, with both saying the vulnerability has been exploited in the wild. It has been assigned to […]
Microsoft has released additional guidance to mitigate the cloud vulnerability in the Azure Cosmos DB Jupyter Notebook feature, but reaffirms that only a “subset” of customers who had the feature enabled were vulnerable. Further, no customer data was accessed because of this vulnerability, and impacted customers who’s primary read-write keys may have been impacted were […]
As if the list of software vulnerabilities and cybersecurity threats to mitigate isn’t long enough already, IT professionals now need to be aware of newly disclosed vulnerabilities in Windows and Linux operating systems that could give local attackers elevated privileges. Both vulnerabilities were disclosed Tuesday and come as IT professionals grapple with keeping systems up […]
Just when we thought the Windows Print Spooler vulnerability was addressed, Microsoft has released information about another vulnerability in the service that could allow an attacker to run arbitrary code with SYSTEM privileges. The company is currently developing a security update to address this vulnerability, which is tracked as CVE-2021-34481. This comes after Microsoft previously […]
SolarWinds says it was notified of an actively exploited vulnerability in its Serv-U managed File Transfer Server and Serv-U Secured FTP.
IT administrators are being warned of an actively exploited remote code execution vulnerability in Windows Print Spooler that could allow an attacker to install programs, view or change data or create new accounts with full user rights. The vulnerability is being referred to as PrintNightmare (CVE-2021-34527), which Microsoft says is slightly different from another vulnerability […]
Microsoft has identified three new vulnerabilities in a series of NETGEAR routers that can compromise a network’s security and give attacker free reign throughout an entire organization. In a new blog, the Microsoft 365 Defender Research Team says that while researching device fingerprinting in the new device discovery capabilities in Microsoft Defender for Endpoint, it […]
VMWare is urging users to apply a patch to address two critical vulnerabilities in VMware vCenter and VMware Cloud Foundation to fix remote code execution and authentication vulnerabilities. According to the company’s advisory, multiple vulnerabilities in the vSphere Client were privately reported to VMware., including remote code execution vulnerability in the vSphere Client due to […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!