Lucene search
K

43 matches found

BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.6 views

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to improper external management of file names or paths, allows attackers to escalate their privileges.

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow attackers to increase their privileges...

6.8CVSS8AI score0.00365EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2024/10/08 2:0 p.m.62 views

October 8, 2024—KB5044288 (OS Build 25398.1189)

October 8, 2024—KB5044288 OS Build 25398.1189 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

9CVSS8.2AI score0.60954EPSS
Exploits4
Kaspersky
Kaspersky
added 2024/10/08 12:0 a.m.26 views

KLA73904 Multiple vulnerabilities in Microsoft System Center

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Configuration Manager can be...

9.8CVSS10AI score0.60661EPSS
Exploits3References5
Microsoft CVE
Microsoft CVE
added 2024/07/26 12:0 a.m.31 views

CVE-2024-5535

...

9.1CVSS7.5AI score0.05582EPSS
Exploits1
Kaspersky
Kaspersky
added 2024/02/20 12:0 a.m.34 views

KLA63962 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2024-21315 Related products Microsoft-Windows Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2024-21315 critical KB li...

7.8CVSS8.5AI score0.00633EPSS
Exploits0References15
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/10/23 4:0 p.m.17 views

Forrester names Microsoft a Leader in the 2023 Endpoint Security Wave™ report

We are excited to share that Microsoft has been named a Leader in The Forrester Wave™: Endpoint Security, Q4 2023. Microsoft received the highest possible scores in the strategy category for the vision and roadmap criteria. Forrester notes, “Microsoft’s outstanding roadmap for endpoint security...

6.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/10/11 4:0 p.m.23 views

Microsoft Defender for Endpoint now stops human-operated attacks on its own

Defenders need every edge they can get in the fight against ransomware. Today, were pleased to announce that Microsoft Defender for Endpoint customers will now be able automatically to disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2023/08/28 3:26 p.m.469 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 - WinRAR File Extension Spoofing Vulnerability...

7.8CVSS6.8AI score0.97798EPSS
Exploits49
Microsoft Secure
Microsoft Secure
added 2023/07/18 3:30 p.m.20 views

Microsoft Inspire: Partner resources to prepare for the future of security with AI

Cybersecurity is one of the most pressing challenges of our time. With an ever-changing threat landscape and siloed data across multiple security point solutions, defenders have limited visibility. It’s difficult to stay current and find cybersecurity professionals amid the global talent shortage...

6.7AI score
Exploits0
Kaspersky
Kaspersky
added 2023/02/14 12:0 a.m.26 views

KLA20226 Multiple vulnerabilities in Microsoft System Center

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in Microsoft Defender for Endpoint can be...

7.8CVSS8.5AI score0.00598EPSS
Exploits0References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/05 4:0 p.m.26 views

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...

0.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/05 4:0 p.m.31 views

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...

0.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/05 4:0 p.m.25 views

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...

0.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/05 4:0 p.m.29 views

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...

0.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/09/29 4:0 p.m.39 views

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center MSTIC observed activity targeting employees in organizations across multiple industries includi...

0.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/09/13 4:0 p.m.17 views

Secure your endpoints with Transparity and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms EPPs are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ability to normalize and correlat...

6.8AI score
Exploits0
Kaspersky
Kaspersky
added 2022/09/13 12:0 a.m.21 views

KLA19248 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2022-35828 Related products Windows-Defender CVE list CVE-2022-35828 critical KB list Solution Install necessary updates from th...

7.8CVSS8.6AI score0.00464EPSS
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/07/27 2:0 p.m.67 views

Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...

7.2CVSS8.8AI score0.52005EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/07/13 4:0 p.m.55 views

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple through Coordinated Vulnerability Disclosure CVD via Microsoft Security Vulnerability Research MSVR in October...

5CVSS8.2AI score0.07492EPSS
Exploits0
Kaspersky
Kaspersky
added 2022/07/12 12:0 a.m.28 views

KLA12583 SUI vulnerability in Microsoft System Center

A tampering vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-33637 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2022-33637 high KB list Solution Install necessary...

6.5CVSS7.1AI score0.01203EPSS
Exploits0References3
Rows per page
Query Builder