Windows截图工具NTLM哈希泄露漏洞PoC利用代码发布

针对Microsoft Snipping Tool中新披露漏洞的概念验证(PoC)利用代码已被公开发布,该漏洞允许攻击者通过诱使用户访问恶意网页来静默窃取用户的Net-NTLM凭证哈希。 由于缺乏适当的输入验证,攻击者可以提供指向远程攻击者控制的SMB服务器的UNC路径,强制进行经过身份验证的SMB连接,并在此过程中捕获受害者的Net-NTLM哈希。 该漏洞由Black Arrow的安全研究人员发 ...
Dark Reading

Windows SMB Zero-Day Exploit On The Loose

US-CERT and other organizations Friday warned of a zero-day memory corruption bug in several versions of Microsoft Windows that could allow a remote attacker to cause a vulnerable system to crash and ...

微软推送 Win11 26H1 四月更新:提升网络稳定性、改进安全启动

需要强调的是,Windows 11 26H1 并非面向现有设备的常规升级。微软明确表示,该版本是专为下一代芯片设计的硬件优化版本,将于 2026 年初起独家预装于搭载骁龙 X2 Plus、Elite 及 Extreme 处理器的新款 ARM64 设备,使用 Intel 或 AMD 硬件的现有电脑将不会收到此版本推送。
Neowin

Windows 11 Canary Channel build 25982 adds Copilot, SMB client encryption and more.

We are beginning to roll out Copilot in Windows in preview to Windows Insiders in the Canary Channel. Rolling this out in the Canary Channel to Insiders in the select global markets mentioned below ...
Neowin

Windows Server vNext build 25987 for Insiders improves SMB over QUIC features0 0

Microsoft has released the latest Windows Server build for people in the Windows Server Insider Program. It has the build number of 25987 and includes improvements of SMB over QUIC features. Microsoft ...
来自MSN

CISA warns high-severity Windows SMB flaw now exploited in attacks, so update now

CVE-2025-33073 sees Windows users face an SMB vulnerability Microsoft issued a fix in June 2025 – make sure you’re up to date Google’s researchers were among those who discovered it Microsoft has ...
XDA Developers on MSN

I stopped choosing between SMB, NFS, and iSCSI, and my NAS finally makes sense

I wish I'd done it sooner ...
SiliconANGLE

CISA urges immediate patching of exploited Windows SMB client vulnerability

The U.S. Cybersecurity and Infrastructure Agency has issued a warning relating to an actively targeted Microsoft Windows vulnerability that can be found in unpatched versions of Windows 10, Windows 11 ...