Bob CarverMay 14, 2025
https://www.forbes.com/sites/daveywinder/2025/05/14/microsoft-confirms-windows-is-under-attack---you-must-act-now/
#cybersecurity #Microsoft #patchtuesday #exploitwednesday #updatenow
Microsoft Confirms Windows Is Under Attack — You Must Act Now

Microsoft has confirmed multiple new Windows zero-day attacks. Here's what you need to know and do, right now.

Forbes
buheratorFeb 12, 2025
Here are the results of #ghidriff's VersionTrackingDiff ran on the latest patch of afd.sys (likely as the result of CVE-2025-21418):

https://gist.github.com/v-p-b/458475d0c7f8aaf6496b5168c04ea262

The change seems to affect a single but significant API (AfdAccept()), my initial guess is this was a locking issue.

#ExploitWednesday
afd.sys.x64.10.0.26100.3037 vs afd.sys.x64.10.0.26100.3194

afd.sys.x64.10.0.26100.3037 vs afd.sys.x64.10.0.26100.3194 - afd.sys-afd.sys.ghidriff.md

Gist
buheratorFeb 12, 2025
Has anyone looked into the "Advanced Installers" (...ai.dll) distributed via Windows Updates? #ExploitWednesday
TechFinitiveOct 27, 2023

Patch Tuesday is 20 years old.

Unfortunately, two decades on, the vast majority of businesses have not implemented patches for critical vulnerabilities within 24 hours, according to the results of a new threat mindset survey from SonicWall.

Full story by @happygeek here: https://www.techfinitive.com/happy-20th-birthday-patch-tuesday-but-why-do-we-still-have-exploit-wednesday/

#cybersecurity #patchtuesday #exploitwednesday

Happy 20th birthday Patch Tuesday, but why do we still have Exploit Wednesday? | TechFinitive

In October 2003, Microsoft first bundled vulnerability fixes on a set date: Patch Tuesday. So why are organisations still so slow to patch?

TechFinitive
TechFinitiveSep 14, 2023

Microsoft confirms Word zero-day exploit that could expose passwords to hackers, reports @happygeek in his latest article for TechFinitive - https://www.techfinitive.com/microsoft-confirms-word-zero-day-exploit-that-could-expose-passwords-to-hackers/

#ZeroDayExploit #PatchTuesday #ExploitWednesday #hackers

Microsoft confirms Word zero-day exploit that could expose passwords to hackers | TechFinitive

A Microsoft Word zero-day exploit could leave a gaping hole in your company's defences. Davey Winder explains what you must do.

TechFinitive
.beejayNov 17, 2022
Cumulated external DNS-queries to our domains. Did someone whisper #exploitWednesday? #infosec