PROBABLYPWNED
Home/Tag/Microsoft

Microsoft

48 articles tagged with "Microsoft"

RoguePlanet Zero-Day Bypasses Fully-Patched Windows Defender
Vulnerabilities3 min read

RoguePlanet Zero-Day Bypasses Fully-Patched Windows Defender

Security researcher Nightmare Eclipse releases fourth Microsoft Defender zero-day in months, granting SYSTEM privileges on patched Windows 10 and 11 systems. Here's what defenders need to know.

Vulnerability DeskJun 11, 2026
Microsoft Patches 206 Flaws Including Wormable Kernel RCE
Vulnerabilities4 min read

Microsoft Patches 206 Flaws Including Wormable Kernel RCE

Microsoft's record-breaking June 2026 Patch Tuesday fixes 206 vulnerabilities including CVE-2026-45657, a CVSS 9.8 wormable kernel flaw allowing remote code execution without authentication.

Vulnerability DeskJun 10, 2026
Microsoft Dismantles Fox Tempest Malware-Signing Operation
Threat Intelligence3 min read

Microsoft Dismantles Fox Tempest Malware-Signing Operation

Microsoft's Digital Crimes Unit seizes infrastructure behind Fox Tempest, a malware-signing service that helped Rhysida, Akira, and Qilin ransomware gangs disguise malicious code as legitimate software.

Threat Intel DeskMay 20, 2026
Microsoft Fixes 120 Flaws in May Patch Tuesday, 17 Critical
Vulnerabilities3 min read

Microsoft Fixes 120 Flaws in May Patch Tuesday, 17 Critical

Microsoft's May 2026 Patch Tuesday addresses 120 vulnerabilities including 17 critical RCE flaws. No zero-days, but Word preview pane attacks and Netlogon bugs demand immediate attention.

Vulnerability DeskMay 13, 2026
APT28 Exploiting Windows Shell Flaw to Steal NTLM Credentials
Vulnerabilities5 min read

APT28 Exploiting Windows Shell Flaw to Steal NTLM Credentials

Russian state hackers weaponize CVE-2026-32202, an incomplete patch for Windows Shell that enables zero-click NTLM hash theft. Microsoft confirms active exploitation after Akamai discovers the bypass.

Vulnerability DeskApr 28, 2026
PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation
Vulnerabilities5 min read

PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation

Kaspersky discloses PhantomRPC, an architectural Windows RPC vulnerability enabling SYSTEM-level privilege escalation across all Windows versions. Microsoft declined to patch despite five exploitation paths.

Vulnerability DeskApr 27, 2026
Storm-2755 Steals Canadian Paychecks via SEO Poisoning
Threat Intelligence4 min read

Storm-2755 Steals Canadian Paychecks via SEO Poisoning

Microsoft tracks Storm-2755 'Payroll Pirate' using poisoned search results and AiTM phishing to hijack Canadian employee direct deposits. HR systems compromised.

Threat Intel DeskApr 12, 2026
Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0
Vulnerabilities4 min read

Azure Kubernetes CVE-2026-33105 Hits CVSS 10.0

Microsoft Azure Kubernetes Service has a critical auth bypass (CVE-2026-33105) with a perfect CVSS 10.0 score. Unauthenticated attackers can escalate to cluster admin—patch now.

Vulnerability DeskApr 3, 2026
Microsoft Fixes Month-Long Outlook Gmail Sync Bug
Announcements4 min read

Microsoft Fixes Month-Long Outlook Gmail Sync Bug

Classic Outlook users can finally sync Gmail again after Microsoft resolves OAuth token issue that blocked email synchronization since February 26. Here's what happened and how to restore access.

ProbablyPwned Editorial TeamMar 24, 2026
Microsoft: macOS Infostealers Surge With ClickFix and Python
Malware4 min read

Microsoft: macOS Infostealers Surge With ClickFix and Python

Microsoft Defender Experts track expanding infostealer campaigns hitting macOS via ClickFix prompts, malicious DMG installers, and Python-based stealers. DigitStealer, MacSync, and AMOS lead the wave.

Malware DeskFeb 18, 2026
Microsoft Patches Six Zero-Days in February Patch Tuesday
Vulnerabilities4 min read

Microsoft Patches Six Zero-Days in February Patch Tuesday

Microsoft's February 2026 Patch Tuesday fixes 59 flaws including six actively exploited zero-days. CrowdStrike confirmed CVE-2026-21533 was used in attacks targeting US and Canada since December.

Vulnerability DeskFeb 12, 2026