Digital Journal

Microsoft to patch Office exploit that allows code execution

The vulnerability was discovered by security research firm FireEye. A team of researchers found malicious Microsoft Office files which download and install malware from various web servers when the ...
SiliconANGLE

Aim Security details first known AI zero-click exploit targeting Microsoft 365 Copilot

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...
Dark Reading

'Void Banshee' Exploits Second Microsoft Zero-Day

Microsoft has recategorized a bug that the company fixed in this month's Patch Tuesday update as a zero-day vulnerability, which the "Void Banshee" advanced persistent threat group has been exploiting ...
Computerworld

Microsoft updates EMET security tool to fix compatibility issues, harden exploit mitigations

Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a security program popular with companies, was updated Monday to harden the exploit mitigations that it adds to other programs and to address ...
Ars Technica

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system ...