WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 Security Flaws

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that attackers are actively exploiting.
CSOonline

Critical Windows LDAP flaw could lead to crashed servers, RCE attacks

LDAPNightmare: If December Patch Tuesday server updates have not yet been installed, it’s time to do so to avoid DoS or RCE attacks on Active Directory domain controllers as shown by PoC exploit.
CSOonline

The cloud is not your only option: on-prem security still alive and well in Windows Server 2025

Reports of the demise of Windows Active Directory are greatly exaggerated – here’s how Microsoft is supporting AD in its latest server platform. We’ve often heard that on-premises solutions are on ...