CVE-2022-28791

Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files...

Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

So much for a quiet January! By now you must have heard about the new Microsoft® vulnerability CVE-2020-0601, first disclosed by the NSA making it the first Windows bug publicly attributed to the National Security Agency. This vulnerability is found in a cryptographic component that has a range o...

Anti-Virus Updates Required Ahead of Microsoft’s Meltdown, Spectre Patches

Microsoft said it is holding off delivering security updates to Windows PCs for Spectre and Meltdown CPU flaws until hosted anti-virus software confirms it does not make unsupported calls into Windows kernel memory. Affected are PCs running certain AV products that bypass Windows built-in Kernel...

Necurs Rootkit Infections Way Up

Infections from a nasty bit of malware, generally delivered by the Black Hole Exploit Kit, surged in November, hitting more than 83,000 machines. Microsoft’s Malware Protection Center rates the Necurs rootkit threat as severe. Dubbed a rootkit by Kaspersky Lab, Necurs has many dimensions to it...

Denis Nazarov

Gathering his statistics from the Kaspersky Security Network, Denis Nazarov, head of Kaspersky Lab’s Anti-Malware Research US, compared infection rates on x86 and x64 versions of Windows while describing Kernel Patch Protection technology...

TDL4 Rootkit Bypasses Windows Code-Signing Protection

In recent versions of Windows, specifically Vista and Windows 7, Microsoft has introduced a number of new security features designed to prevent malicious code from running. But attackers are continually finding new ways around those protections, and the latest example is a rootkit that can bypass...