Microsoft Defender

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)

2026-06-17 at 14:26 By Zeljka Zorz

Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working to provide a high quality security update that addresses this vulnerability.” The vulnerability, which has been assigned […]

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

2026-06-17 at 12:41 By Ionut Arghire

The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges. This article is an excerpt from SecurityWeek.

Record Microsoft Patch Tuesday, fresh zero-day

2026-06-10 at 14:23 By Zeljka Zorz

Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a race condition in

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

2026-05-21 at 14:22 By Zeljka Zorz

Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog.

The vulnerabilities

CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days

2026-05-21 at 13:14 By Ionut Arghire

The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. This article is an excerpt from SecurityWeek.

DigiCert breached via malicious screensaver file

2026-05-04 at 18:59 By Sinisa Markovic

A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates, PKI management, and

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

2026-04-23 at 12:17 By Ionut Arghire

The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges. This article is an excerpt from SecurityWeek.

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

2026-04-17 at 14:32 By Zeljka Zorz

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw

AI-enabled device code phishing campaign exploits OAuth flow for account takeover

2026-04-07 at 14:59 By Anamarija Pogorelec

A phishing campaign that bypasses the standard 15-minute expiration window through automation and dynamic code generation, leveraging the OAuth Device Code Authentication flow to compromise organizational accounts at scale, has been observed by the Microsoft Defender Security Research

New Defender deployment tool streamlines Windows device onboarding with single executable

2026-03-03 at 14:06 By Anamarija Pogorelec

Microsoft’s Defender deployment tool for Windows helps administrators manage device onboarding at scale with updated progress visibility and additional controls.

Simplified deployment with added administrative controls

The tool adapts to the operating system and supports endpoint security across

Microsoft Unveils Security Enhancements for Identity, Defense, Compliance

2025-11-19 at 10:03 By Eduard Kovacs

Microsoft announced new security capabilities for Defender, Sentinel, Copilot, Intune, Purview, and Entra. This article is an excerpt from SecurityWeek.

Project Ire: Microsoft’s autonomous malware detection AI agent

2025-08-05 at 19:45 By Zeljka Zorz

Microsoft is working on an AI agent whose main goal is autonomous malware detection and the prototype – dubbed Project Ire – is showing great potential, the company announced on Tuesday. Tested on a dataset of known malicious and benign

Microsoft introduces protection against email bombing

2025-07-01 at 18:54 By Zeljka Zorz

By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft announced on Monday.

What is email bombing?

Email bombing (aka spam bombing) is an attack technique that results in

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

2024-11-12 at 23:03 By Zeljka Zorz

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers.

The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039)

CVE-2024-43451 is yet another

Microsoft announces Defender bug bounty program

22/11/2023 at 14:47 By Helga Labus

Microsoft has announced a new bug bounty program aimed at unearthing vulnerabilities in Defender-related products and services, and is offering participants the possibility to earn up to $20,000 for the most critical bugs.

The Microsoft Defender bug bounty program

Microsoft Defender includes various

Microsoft Defender can automatically contain compromised user accounts

12/10/2023 at 15:32 By Helga Labus

The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business
