The evolution of Microsoft Threat Protection, April update
Learn about the latest updates to Microsoft Threat Protection and the details of its foundation built on supporting Zero Trust.
Vulnerabilities and exploits
Microsoft security researchers monitor the threat landscape and collaborate with customers, partners, and industry experts to discover new vulnerabilities and exploits. Explore our latest findings and how they inform faster, more effective defenses.
Refine results
Topic
Products and services
Publish date
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
-
Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time
Microsoft’s Threat & Vulnerability Management solution is generally available! -
A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response
Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry. -
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies. Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
Microsoft works with researchers to detect and protect against new RDP exploits
The new exploit attacks show that BlueKeep will be a threat as long as systems remain unpatched, credential hygiene is not achieved, and overall security posture is not kept in check. -
GALLIUM: Targeting global telecom
Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers. -
Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020. -
Microsoft researchers work with Intel Labs to explore new deep learning approaches for malware classification
Researchers from Microsoft Threat Protection Intelligence Team and Intel Labs collaborated to study the application of deep transfer learning technique from computer vision to static malware classification. Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
-
Defending Exchange servers under attack
Exchange servers are high-value targets. -
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
Microsoft Defender Antivirus and System Center Endpoint Protection will automatically mitigate CVE-2021-26855 on any vulnerable Exchange Server on which it is deployed. -
Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
We discovered vulnerabilities in NETGEAR DGN-2200v1 series routers that can compromise a network’s security—opening the gates for attackers to roam untethered through an entire organization. -
Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware
The Microsoft Threat Intelligence Center (MSTIC) alongside the Microsoft Security Response Center (MSRC) has uncovered a private-sector offensive actor, or PSOA, that we are calling SOURGUM in possession of now-patched, Windows 0-day exploits (CVE-2021-31979 and CVE-2021-33771).
