PT-2026-2658

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 2026 Patch Tuesday updates Description A vulnerability exists in the Desktop Window Manager component of Microsoft Windows that can lead to the disclosure of sensitive information to an unauthorized...

Update now: November Patch Tuesday fixes Windows zero-day exploited in the wild

These updates fix serious security issues — including one that attackers are already exploiting to take control of Windows systems. By chaining it with other attacks, they can gain full admin access, install malware, steal data, or make deeper changes you wouldn’t normally be able to undo. Run...

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the...

Critical Windows Zero-Day Alert: No Patch Available Yet for Users

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day.…...

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. "In a successful attack, if a victim...

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 CVSS score: 7.5, a memory corruption bug in the Scripting Engine...

Nokoyawa ransomware attacks with Windows zero-day

Updated April 20, 2023 In February 2023, Kaspersky technologies detected a number of attempts to execute similar elevation-of-privilege exploits on Microsoft Windows servers belonging to small and medium-sized businesses in the Middle East, in North America, and previously in Asia regions. These...

WARNING: Google Discloses Windows Zero-Day Bug Exploited in the Wild

Google has disclosed details of a new zero-day privilege escalation flaw in the Windows operating system that's being actively exploited in the wild. The elevation of privileges EoP vulnerability, tracked as CVE-2020-17087, concerns a buffer overflow present since at least Windows 7 in the Window...

Chinese Hacking Surges Amid Coronavirus Crisis

Plus: A Windows zero day, an iOS watering hole, and more of the week's top security news...

Latest Microsoft Update Patches New Windows 0-Day Under Active Attack

With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers. Microsoft’s December securi...

Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw

An anonymous security researcher going by the name of SandboxEscaper today publicly shared a second zero-day exploit that can be used to bypass a recently patched elevation of privilege vulnerability in the Microsoft Windows operating system. SandboxEscaper is known for publicly dropping zero-day...

GitHub ID is SandboxEscaper the user again upload 2 zero-day-vulnerability warning-the black bar safety net

GitHub ID is SandboxEscaper user before on GitHub uploaded a similar security function vulnerability after this time and released for the other two Microsoft zero-day demo code. As a result, the user in the past ten months the release of WIndows zero-day vulnerability has reached 7 months. The tw...

Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper today released proof-of-concept PoC exploit for a new zero-day vulnerability affecting Microsoft's Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day...

Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper today released proof-of-concept PoC exploit for a new zero-day vulnerability affecting Microsoft's Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day...

Windows ‘Deletebug’ Zero-Day Allows Privilege Escalation, Destruction

A proof-of-concept exploit for a Windows zero-day that works on fully patched Windows 10 machines has been released by a security researcher. It allows an attacker to delete any kind of file on a victim machine, including system data. The flaw no CVE has been assigned since it was just exposed on...

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosti...

Active Spy Campaign Exploits Unpatched Windows Zero-Day

The recently discovered Windows zero-day – which still doesn’t have a patch – has been used in the wild for the last week, with an active info-stealing campaign emerging just two days after its disclosure on Twitter. The flaw is a local privilege escalation vulnerability in the Windows Task...

FruityArmor APT Group Used Recently Patched Windows Zero Day

One of the four zero-day vulnerabilities Microsoft patched last week was being used by an APT group called FruityArmor to carry out targeted attacks, escape browser-based sandboxes, and execute malicious code in the wild. Anton Ivanov, a researcher at Kaspersky Lab, was credited by Microsoft for...

Threat Actor Leverages Windows Zero-day Exploit in Payment Card Data Attacks

In March 2016, a financially motivated threat actor launched several tailored spear phishing campaigns primarily targeting the retail, restaurant, and hospitality industries. The emails contained variations of Microsoft Word documents with embedded macros that, when enabled, downloaded and execut...

Sandworm APT Team Found Using Windows Zero Day Vulnerability

UPDATE–A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe. The vulnerability, which will be patched today by Microsoft, is...