Get a Pentest and security assessment of your IT network.

Cyber Security

Googler Drops Windows Zero-Day, Microsoft Unhappy

Google security researcher Tavis Ormandy has released details of a zero-day vulnerability affecting the Microsoft Windows Help and Support Center without giving Microsoft adequate time to prepare a patch. The vulnerability, which is due to improper sanitization of hcp:// URIs may allow a remote, unauthenticated attacker to execute arbitrary commands. Microsoft is expected to issue a formal security advisory with workarounds and mitigation guidance later today. Affected Windows users can unregister the HCP protocol to protect themselves using the following steps.

Source: https://threatpost.com/googler-drops-windows-zero-day-microsoft-unhappy-061010/74093/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation