11 matches found
CVE-2026-21265
CVE-2026-21265 describes a Secure Boot bypass tied to expiration of Microsoft root certificates in the UEFI KEK/DB chain. Affected certificates include KEK CA 2011 (expires 2026-06-24), UEFI CA 2011 (expires 2026-06-27), and Windows Production PCA 2011 (expires 2026-10-19). The vulnerability aris...
Secure Boot Certificate Expiration Security Feature Bypass Vulnerability
Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes...
QuickBooks popup scam still being delivered via Google ads
Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot by the classic Microsoft tech support scams. We've seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a pho...
Exploit for Improper Certificate Validation in Microsoft
ADVulnScanner Detects common vulnerabilities in...
Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates
A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The...
Injecting Code into Windows Protected Processes using COM - Part 1
Posted by James Forshaw, Google Project Zero. At Recon Montreal 2018 I presented “Unknown Known DLLs and other Code Integrity Trust Violations” with Alex Ionescu. We described the implementation of Microsoft Windows’ Code Integrity mechanisms and how Microsoft implemented Protected Processes (PP). A...
Microsoft Certificate Authority Configuration for Citrix Endpoint Management
The primary intent of this article is to provide steps on how an admin can enable certificate-based authentication for Citrix Endpoint Management in MSCA...
Microsoft Unauthorized Digital Certificates Spoofing Vulnerability (2728973)
This host is installed with the Microsoft Windows operating system and is prone to a spoofing vulnerability...
Flame Attackers Used Collision Attack to Forge Microsoft Certificate
The attackers behind the Flame malware used a collision attack against a cryptographic algorithm as part of the method for gaining a forged certificate to sign specific components of the attack tool. Microsoft officials said on Tuesday that it’s imperative for customers to install the update issu...
Microsoft Windows Unauthorized Digital Certificates Spoofing Vulnerability (2718704)
The Microsoft Windows operating system is prone to a digital certificates spoofing vulnerability...
Microsoft Certificate Services cross-site scripting
Cross-site scripting in Active Directory Certificate Services Web Enrollment...