A Microsoft Office functionality that has been in use since the early 1990s can be exploited to deliver malicious, executable files to users without triggering widely used security software, claims security researcher Kevin Beaumont.
Another example of how vendors sometimes choose to improve usability to the detriment of user security has been recently discovered by security researcher and Microsoft MVP Patrick Barker.
Despite having paid $125,000 for information about an Address Space Layout Randomisation (ASLR) vulnerability affecting Internet Explorer, Microsoft has decided against patching it because they feel it does not affect the default configuration of IE.
Digital Constitution - a dedicated website Microsoft set up to keep users informed of its efforts to counter US government's attempts to access customer emails the company stores in its data center located in Dublin, Ireland - has been compromised.
From this month on, all versions of Ask.com's infamous browser toolbar except the very last will be detected as unwanted software by Microsoft security products and removed.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.