Computer Weekly

Dangerous CLFS and LDAP flaws stand out on Patch Tuesday

Microsoft has issued fixes for 71 Common Vulnerabilities and Exposures (CVEs) to mark the final Patch Tuesday of 2025, with a solitary zero-day that enables privilege elevation through the Windows ...
CSOonline

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

LDAPNightmare: If December Patch Tuesday server updates have not yet been installed, it’s time to do so to avoid DoS or RCE attacks on Active Directory domain controllers as shown by PoC exploit.
Computer Weekly

Microsoft’s April 2025 bumper Patch Tuesday corrects 124 bugs

Microsoft’s mighty bundle of 124 April fixes for Common Vulnerabilities and Exposures (CVEs) in its codebase includes 11 that are rated “critical” and two rated “low”, with the rest rated “important” ...
ZDNet

Microsoft: Here's how to defend Windows against these new privilege escalation attacks

Microsoft has detailed how Windows customers can defend themselves from automated 'Kerberos Relay' attacks that can give an attacker System privileges on a Windows machine. Microsoft has responded to ...
CSOonline

The cloud is not your only option: on-prem security still alive and well in Windows Server 2025

Reports of the demise of Windows Active Directory are greatly exaggerated – here’s how Microsoft is supporting AD in its latest server platform. We’ve often heard that on-premises solutions are on ...