Microsoft Discloses 4 Zero-Days in September Update
This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.
Microsoft Office 2024 to disable ActiveX controls by default
After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client…
Microsoft’s Sway Serves as Launchpad for ‘Quishing’ Campaign
The attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web…
Microsoft discloses Office zero-day, still working on a patch
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. [...]
Microsoft discloses unpatched Office flaw that exposes NTLM hashes
Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. [...]
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed "EchoSpoofing" exploited a security gap in Proofpoint's email protection service to dispatch millions of spoofed…
Microsoft finally fixes Outlook alerts bug caused by December updates
Microsoft has finally fixed a known Outlook issue, confirmed in February, which was triggering incorrect security alerts after installing the…
Facebook ads for Windows desktop themes push info-stealing malware
Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware.…
Microsoft 365, Office users hit by wave of ‘30088-27’ update errors
Over the last month, Microsoft 365 and Microsoft Office users have been experiencing "30088-27" errors when attempting to update the application.…
ONNX phishing service targets Microsoft 365 accounts at financial firms
A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR…