Bleeping Computer

Windows 11 KB5058499 update rolls out new Share and Click to Do features

Microsoft has released the KB5058499 preview cumulative update for Windows 11 24H2 with forty-eight new features or changes, with many gradually rolling out, such as the new Windows Share feature and ...
Lifehacker

Microsoft's Latest 'Patch Tuesday' Fixes 134 Security Vulnerabilities

Microsoft has released its April 2025 Patch Tuesday update, which fixes 134 malicious bugs across its systems—including one zero-day exploit. Windows and Microsoft users should ensure their devices ...
Dark Reading

Xerox Printer Vulnerabilities Enable Credential Capture

A popular small to midrange Xerox business printer contains two now-patched vulnerabilities in its firmware that allow attackers an opportunity to gain full access to an organization's Windows ...
TechRadar

Xerox printer security risk could let hackers sneak into your systems

Security researchers found two flaws affecting Xerox Versalink MFP printers The flaws could be used in "pass-back" attacks to steal login credentials Patches and workarounds are already available, so ...
The Hacker News

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via ...
theregister

Security pros baited with fake Windows LDAP exploit traps

Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws. Trend Micro spotted what appears to be a fork of the ...
Security Boulevard

Windows LDAP Denial of Service Vulnerability (CVE-2024-49113) Alert

Recently, NSFOCUS CERT detected that the details of Windows LDAP remote code execution vulnerability (CVE-2024-49113) were disclosed. Due to an out-of-bounds read vulnerability in wldap32.dll of ...
CSOonline

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

LDAPNightmare: If December Patch Tuesday server updates have not yet been installed, it’s time to do so to avoid DoS or RCE attacks on Active Directory domain controllers as shown by PoC exploit.
SecurityWeek

Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability

Proof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP. SafeBreach has published proof-of-concept (PoC) exploit code targeting a recently ...
The Hacker News

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition ...
Dark Reading

Unpatched Active Directory Flaw Can Crash Any Microsoft Server

One of two critical Active Directory Domain Controller vulnerabilities patched by Microsoft last month goes beyond the original denial-of-service (DoS) attack chain and can be used to crash multiple, ...