Organizations using Microsoft Intune with its Endpoint Privilege Management capability now can have better control over Windows 365 user privileges, per a Monday Microsoft announcement. A September ...

Too many organizations are still allowing most of their end-users full-time administration privileges in Windows. If you ask why the taboo practice is continuing, administrators will respond that they ...

An unpatched vulnerability can allow for privilege escalation across Windows systems through the abuse of the Remote Procedure Call (RPC) architecture in Microsoft's OS. Called PhantomRPC, the flaw ...

A researcher has created a remote print server allowing any Windows user with limited privileges to gain complete control over a device simply by installing a print driver. In June, a security ...

A high-severity Windows Admin Center vulnerability (CVE-2026-26119) could allow privilege escalation in enterprise environments. Here’s what to know and how to mitigate risk. The dashboard designed to ...

Microsoft has issued a temporary workaround for a privilege escalation vulnerability that could expose administrator passwords to non-admin users. CVE-2021-36934, also called "HiveNightmare" and ...

Free unofficial patches have been released to protect Windows users from a local privilege escalation (LPE) zero-day vulnerability in the Mobile Device Management Service impacting all Windows 10 ...

The U.S. cybersecurity agency also added a recently disclosed Google Pixel flaw to its list of exploited vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed ...

Splunk for Windows has a high-severity flaw that lets local users escalate privileges through misconfigured file permissions. Learn how to fix it. A newly disclosed high-severity flaw in Splunk for ...

Microsoft has detailed how Windows customers can defend themselves from automated 'Kerberos Relay' attacks that can give an attacker System privileges on a Windows machine. Microsoft has responded to ...

Editor’s note: This article, originally published on September 13, 2023, has been updated with new research on a similar vulnerability. The latest version of Kubernetes released last month includes ...

After a pair of PrintNightmare vulnerabilities, the last thing the Windows Print Spooler needed was a third vulnerability, and yet it exists. Microsoft has announced CVE-2021-34481 allows for local ...