Microsoft's May Patch Tuesday looked quiet. Since then, there's been an unpatched Exchange CVE, three Defender flaws, and a ...

Microsoft rushes to mitigate the new “YellowKey” flaw that may bypass BitLocker protections and expose encrypted Windows ...

Following the release of a BitLocker zero-day security bypass by a disgruntled hacker, Microsoft has now offered mitigation advice until a patch is available.

Microsoft patched two actively exploited Defender zero-days affecting Windows systems and security components.

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active ...

CISA has added the Microsoft Malware Protection Engine and Microsoft Defender Antimalware Platform vulnerabilities to its KEV ...

Microsoft pushed out-of-band patches on May 21, 2026, for two actively exploited Windows Defender zero-days — one that lets a ...

Attackers are already actively exploiting two vulnerabilities for which Microsoft issued patches on Nov. 12 as part of its monthly security update. And they could soon begin targeting two other ...

SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.

PCWorld reports on the ‘BlueHammer’ zero-day vulnerability that allows attackers to potentially take over Windows computers through privilege escalation. A frustrated security researcher published the ...