Microsoft Flaw
-
{
- All
- News
- Videos
-
CERT-In Warns Chrome, Edge Users of ‘High’ Risk Vulnerabilities on Windows, macOS, and Linux
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory regarding multiple vulnerabilities affecting two popular Chromium-based web browsers — Google Chrome and Microsoft Edge. The latest bulletin, published on Monday, has flagged the discovered vulnerabilities as high risk that could potentially allow threat actors to exploi...
-
Microsoft Discovers Vulnerability That Lets Hackers See ChatGPT and Gemini’s Conversation Topics
Microsoft has discovered a new vulnerability, called Whisper Leak, that reportedly affects most server-based AI chatbots, including ChatGPT and Gemini. The flaw enables attackers to infer conversation topics through side-channel attacks by analysing encrypted network traffic metadata. Microsoft says it worked with vendors like OpenAI, Mistral, and ...
-
CERT-In Highlights Zoom Security Flaws That Could Let Hackers Access Meeting, Sensitive Information
The Indian Computer Emergency Response Team (CERT-In) has issued a notification asking Zoom for Windows, macOS, Android, and iOS users to download the latest available update of the app, as multiple vulnerabilities have been found in its particular version. The security flaws allow bad actors to gain unauthorised access to Zoom Rooms and get their ...
-
Google Chrome, Microsoft Edge Security Flaws: CERT-In Asks Users to Update to Latest Versions With Security Fixes
The Indian Computer Emergency Response Team (CERT-In), on October 15, released two vulnerability notes to warn Google Chrome and Chromium-based Microsoft Edge users of multiple security flaws. These vulnerabilities can be exploited by hackers, granting them unauthorised access to a user’s desktop. However, people can install the latest available ...
-
Microsoft SharePoint Hack: Probe on Whether Chinese Hackers Found Flaw via Alert
Microsoft is probing if a leak from its cybersecurity early warning system allowed Chinese hackers to exploit unpatched flaws in its SharePoint service. The company is said to be investigating whether this program, designed to give security experts a head start on fixes, inadvertently led to widespread exploitation of SharePoint vulnerabilities glo...
-
Microsoft Knew of SharePoint Security Flaw but Failed to Effectively Patch It, Timeline Shows
A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort, a timeline reviewed by Reuters shows.
-
Microsoft SharePoint Servers in Thousands of Firms Targeted Using ToolShell Zero-Day Vulnerability
Microsoft has warned customers about active attacks exploiting a remote code execution (RCE) vulnerability in its SharePoint server software. Malicious actors are using this flaw to gain unauthorised and persistent access to on-premise servers, and thousands of organisations could be affected. Attackers may retain access even after servers are patc...
-
Microsoft Fixes One Zero-Day Vulnerability, 136 Other Flaws With July 2025 Windows Security Update
After fixing 67 security flaws in its June 2025 security update, Microsoft has now rolled out 137 security patches for Windows, including one publicly disclosed Zero-Day vulnerability in its July 2025 security update. The US-based tech giant has also fixed 14 critical vulnerabilities, two of which are AMD side channel attacks. The Zero-Day vulnerab...
-
Microsoft 365 Copilot Vulnerable to Zero-Click EchoLeak Exploit, Cybersecurity Researchers Say
Microsoft 365 Copilot, the enterprise-focused artificial intelligence (AI) chatbot that works across Office apps, is vulnerable to a zero-click vulnerability. As per a cybersecurity firm, a flaw existed in the chatbot that could be triggered via a simple text email to hack into it. Once the chatbot was hacked, it could then be made to retrieve sens...
-
Microsoft Fixes 67 Security Flaws With June 2025 Security Update, Including Two Zero-Day Vulnerabilities
Microsoft's June 2025 Patch Tuesday includes fixes for multiple security flaws. Among these are 11 "critical" and 56 "important" vulnerabilities. Two zero-day flaws were addressed, with one already actively exploited, as per the company. This follows Microsoft's fixes for Edge vulnerabilities, earlier this month, including a zero-day exploit.
-
CERT-In Warns Chrome, Edge Users of ‘High’ Risk Vulnerabilities on Windows, macOS, and Linux
The Indian Computer Emergency Response Team (CERT-In) has issued an advisory regarding multiple vulnerabilities affecting two popular Chromium-based web browsers — Google Chrome and Microsoft Edge. The latest bulletin, published on Monday, has flagged the discovered vulnerabilities as high risk that could potentially allow threat actors to exploi...
-
Microsoft Discovers Vulnerability That Lets Hackers See ChatGPT and Gemini’s Conversation Topics
Microsoft has discovered a new vulnerability, called Whisper Leak, that reportedly affects most server-based AI chatbots, including ChatGPT and Gemini. The flaw enables attackers to infer conversation topics through side-channel attacks by analysing encrypted network traffic metadata. Microsoft says it worked with vendors like OpenAI, Mistral, and ...
-
CERT-In Highlights Zoom Security Flaws That Could Let Hackers Access Meeting, Sensitive Information
The Indian Computer Emergency Response Team (CERT-In) has issued a notification asking Zoom for Windows, macOS, Android, and iOS users to download the latest available update of the app, as multiple vulnerabilities have been found in its particular version. The security flaws allow bad actors to gain unauthorised access to Zoom Rooms and get their ...
-
Google Chrome, Microsoft Edge Security Flaws: CERT-In Asks Users to Update to Latest Versions With Security Fixes
The Indian Computer Emergency Response Team (CERT-In), on October 15, released two vulnerability notes to warn Google Chrome and Chromium-based Microsoft Edge users of multiple security flaws. These vulnerabilities can be exploited by hackers, granting them unauthorised access to a user’s desktop. However, people can install the latest available ...
-
Microsoft SharePoint Hack: Probe on Whether Chinese Hackers Found Flaw via Alert
Microsoft is probing if a leak from its cybersecurity early warning system allowed Chinese hackers to exploit unpatched flaws in its SharePoint service. The company is said to be investigating whether this program, designed to give security experts a head start on fixes, inadvertently led to widespread exploitation of SharePoint vulnerabilities glo...
-
Microsoft Knew of SharePoint Security Flaw but Failed to Effectively Patch It, Timeline Shows
A security patch Microsoft released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort, a timeline reviewed by Reuters shows.
-
Microsoft SharePoint Servers in Thousands of Firms Targeted Using ToolShell Zero-Day Vulnerability
Microsoft has warned customers about active attacks exploiting a remote code execution (RCE) vulnerability in its SharePoint server software. Malicious actors are using this flaw to gain unauthorised and persistent access to on-premise servers, and thousands of organisations could be affected. Attackers may retain access even after servers are patc...
-
Microsoft Fixes One Zero-Day Vulnerability, 136 Other Flaws With July 2025 Windows Security Update
After fixing 67 security flaws in its June 2025 security update, Microsoft has now rolled out 137 security patches for Windows, including one publicly disclosed Zero-Day vulnerability in its July 2025 security update. The US-based tech giant has also fixed 14 critical vulnerabilities, two of which are AMD side channel attacks. The Zero-Day vulnerab...
-
Microsoft 365 Copilot Vulnerable to Zero-Click EchoLeak Exploit, Cybersecurity Researchers Say
Microsoft 365 Copilot, the enterprise-focused artificial intelligence (AI) chatbot that works across Office apps, is vulnerable to a zero-click vulnerability. As per a cybersecurity firm, a flaw existed in the chatbot that could be triggered via a simple text email to hack into it. Once the chatbot was hacked, it could then be made to retrieve sens...
-
Microsoft Fixes 67 Security Flaws With June 2025 Security Update, Including Two Zero-Day Vulnerabilities
Microsoft's June 2025 Patch Tuesday includes fixes for multiple security flaws. Among these are 11 "critical" and 56 "important" vulnerabilities. Two zero-day flaws were addressed, with one already actively exploited, as per the company. This follows Microsoft's fixes for Edge vulnerabilities, earlier this month, including a zero-day exploit.
