The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 is affected by a remote code execution vulnerability due to how CredSSP validates requests during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".
Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine. This was already reported to MSRC on May 24, and was closed on October 18 2017. This attack makes use of SCF files and a shared folder with a certain configuration.
The malware spreads through removable drives even if AutoPlay is disabled, and installs a rootkit on the computer.
Researchers at Matousec have revealed that out of 34 tested security products, none has been able to prevent their proof of concept attack.
Two weeks before Patch Tuesday, Microsoft rushes out a patch for Internet Explorer, even though IE8 already includes workarounds to the addressed vulnerability.
Memory Protection Issue in Microsoft Virtual PC Hypervisor Software May Leave Systems Open to Infiltration
Mozilla pulled two extensions from its download site after finding out that they contained a Trojan. 4,600 users could be infected.
The Windows kernel has a vulnerability present in all versions of NT, which was first introduced in 1993.
The dreaded Blue Screen of Death (BSoD) has a little brother: the blacK Screen of Death (KSoD). UK-based security firm Prevx initially claimed it is caused by a recent patch from Microsoft, but reports of similar issues months before that patch's release and denial by Microsoft itself leave the issue unexplained.
Microsoft has confirmed last week's announcement of a vulnerability in the Server Message Block protocol affecting machines running Windows 7 or Windows Server 2008 R2.