Threat Post

Windows 10 Drive-By RCE Triggered by Default URI Handler

There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. UPDATE: This issue is now fixed. Researchers have ...
ZDNet

Protocol abuse adds to Firefox, Windows security woes

Security researchers have discovered a new set of protocol abuse problems with Mozilla Firefox, warning that the popular open-source browser is a sitting duck for code execution exploits. Billy (BK) ...