Windows

(get it in RSS or Atom)

Europol takedown of Ramnit botnet frees 3.2 million PCs from cybercriminals' grasp

by John Zorabedian on February 27, 2015 | 2 Comments
Ramnit botnet

In an international operation coordinated with multiple law enforcement and industry partners, Europol led a takedown of the infrastructure of the Ramnit botnet that infected 3.2 million Windows computers.

Microsoft pulls PowerPoint-killing patch KB2920732

by Lee Munson on February 16, 2015 | 4 Comments
Safety pins. Image courtesy of Shutterstock.

The latest in a series of Microsoft patch failures rendered PowerPoint inoperable on devices running Windows RT.

What do you mean, "Facebook is now text only"? - 60 Sec Security [VIDEO]

by Paul Ducklin on February 14, 2015 | Leave a comment
60ss-video-250

Here's the latest episode of our weekly one-minute security video.

Fun, fast...and educational.

SSCC 185 - "I have a number for you: Eighty Million" [PODCAST]

by Paul Ducklin on February 13, 2015 | Leave a comment
chet-chat-logo-featured-250

Our weekly "Chet Chat" podcast is carefully prepared to fit into a quarter-hour, so it is clear and concise as well as being witty and amusing.

Enjoy...

The "JASBUG" Windows vulnerability - beyond the hype, what you need to know

by Paul Ducklin on February 11, 2015 | 11 Comments
jasbug-500

Struggling to understand the JASBUG flaw fixed by Microsoft in this month's Update Tuesday?

Paul Ducklin explains it clearly, with minimal jargon.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

by Paul Ducklin on February 11, 2015 | 1 Comment
patch-tuesday-denim-250

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

Internet Explorer has a Cross Site Scripting zero-day bug

by Paul Ducklin on February 4, 2015 | Leave a comment
ie11-250

Another day, another zero-day.

This time, it's Internet Explorer that is attracting the sort of publicity a browser doesn't want, with the public disclosure of an XSS bug.

SSCC 181 - The Security Duel: "Bug reports at 15 paces" [PODCAST]

by Paul Ducklin on January 15, 2015 | 4 Comments

Microsoft vs. Google - Google vs. Users - Hackers vs. US Army - the fight is on in the latest episode of our weekly security podcast!

Enjoy...

Update Tuesday wrap-up, January 2015 - See? We didn't use the word "Patch"!

by Paul Ducklin on January 14, 2015 | 5 Comments

Like fingers and thumbs, not all updates are patches, even if all patches are updates.

So, here's the skinny on Update Tuesday...including the security patches, of course.

Windows 7: Everything new is old again

by Chester Wisniewski on January 14, 2015 | 15 Comments
Setting up parental controls on Windows 7

Hard to believe, but Microsoft Windows 7 is already halfway through its useful life. If we don't want to repeat the sins of Windows XP, it is time to plan our next move.

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

by Paul Ducklin on January 10, 2015 | Leave a comment

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

Microsoft discontinues Advance Notification Service, but why?

by Chester Wisniewski on January 9, 2015 | 13 Comments
Microsoft. Image from Shutterstock

Microsoft kicked off 2015 by discontinuing its Advance Notification Service which alerted IT professionals to fixes that would ship the following week, allowing time to prepare staff and systems.

SSCC 180 - Surely zero-days come from cybercrooks, not from Silicon Valley? [PODCAST]

by Paul Ducklin on January 7, 2015 | Leave a comment

Enjoy the first 2015 episode of our popular weekly security podcast.

In this episode: zero-day politics, leaky security features, Bitcoin news, and a shout out to our New Year #sophospuzzle winners!

Zero-day in Windows 8.1 disclosed by Google

by Chester Wisniewski on January 3, 2015 | 15 Comments
ProjectZeroFullDisclosure

A new zero day vulnerability has been disclosed in Microsoft Windows 8.1. Who is behind releasing the attack code behind this flaw? Google.

From Facebook, through iPhones and Androids, to Macs - make the safest start to 2015!

by Paul Ducklin on December 30, 2014 | Leave a comment

Are you looking to turn over a new security leaf yourself in 2015, or trying to convince your friends and family to do so?

Here are some great places to start...

"Like fish and chips without the fish. Or the chips"... 60 Sec Security [VIDEO]

by Paul Ducklin on December 13, 2014 | Leave a comment

Here's the latest episode of our 60 Second Security video.

Enjoy the week's news in just one minute...

Microsoft pulls Patch Tuesday fix - "Outlook can't connect to Exchange"

by Paul Ducklin on December 12, 2014 | 9 Comments
ehlo-250

Part of Patch Tuesday is now only partly available as Microsoft recalls its already-delayed Exchange 2010 update.

Paul Ducklin takes a look...

12 Days competition: Day 2 - Microsoft waved goodbye to this fondly remembered ex-P

by Naked Security writer on December 2, 2014 | 5 Comments
12d-d2-250

In April 2014 Microsoft said adieu to its stalwart OS but despite seven years of warnings some weren't ready to let it go.

Can you work out the answer to our question in Day 2 of our 12 Days of Christmas competition?

"That's not a hack..." - 60 Sec Security [VIDEO]

by Paul Ducklin on November 22, 2014 | Leave a comment

Here's our latest 60 Second Security video.

One week of news in one amusingly informative minute...

Microsoft "tops up" Patch Tuesday, issues delayed fix for zero-day hole in logon security

by Paul Ducklin on November 19, 2014 | 2 Comments

Microsoft has issued a "top up" security bulletin for a fix that didn't quite make it into the November 2014 Patch Tuesday.

The vulnerability can be used to turn any user into a domain administrator, and it's been exploited in the wild...