News

25 July 2025

Positive Technologies expert helps patch critical Windows vulnerability

Sergey Bliznyuk, an expert from PT SWARM at Positive Technologies, discovered the vulnerability CVE-2025-47955, which affected 37 Microsoft products. This issue posed a significant threat to organizations, as it impacted current desktop and server versions of Windows. Exploiting the flaw could allow attackers to execute arbitrary code on corporate devices and install any software, including malware. Microsoft was notified of the issue under the responsible disclosure policy and has since patched it.

23 July 2025

Positive Hack Talks in Jakarta: over 370 experts join a new cybersecurity meetup

Positive Technologies, an industry leader in result-driven cybersecurity, hosted an open event for cybersecurity professionals in Jakarta. The meetup attracted more than 370 participants, ranging from seasoned professionals to students and aspiring researchers. Speakers from India, Indonesia, the Philippines, and Russia shared practical expertise and unique insights.

22 July 2025

Vulnerabilities in ATEN International switches patched with the assistance of Positive Technologies experts

ATEN International, a manufacturer of IT connectivity and management solutions, has fixed vulnerabilities in its KVM over IP switches series CL57xx. A KVM device is a computer with a built-in keyboard, monitor, and touchpad in a special case designed for installation in server racks. The security issues were discovered by PT SWARM experts: Natalya Tlyapova, Denis Goryushev, and Dmitry Sklyarov. Three of the vulnerabilities were critical, and two others were classified as high-severity.

17 July 2025

Positive Technologies expert helps fix critical vulnerability in FreeIPA Directory Service

Red Hat has thanked Positive Technologies' PT SWARM expert Mikhail Sukhov for identifying a critical vulnerability in FreeIPA, a domain controller for Linux systems. FreeIPA enables centralized management of user accounts, access policies, and auditing. It is included in the Red Hat Enterprise Linux distribution, used by over 2,000 organizations worldwide, and forms the foundation for IT products from various vendors, including domestic ones. If exploited, the vulnerability could have allowed attackers to steal confidential company data. The vendor was notified of the threat in line with the responsible disclosure policy and has already released software patches.

14 July 2025

Microsoft thanks Positive Technologies expert for helping to fix vulnerability in 17 operating systems

A vulnerability affecting several Windows operating systems has been resolved thanks to Marat Gayanov, an expert from the Positive Technologies Expert Security Center (PT ESC). The flaw could have allowed attackers to disable targeted devices. The vendor was notified of the threat in line with the responsible disclosure policy and has released updates for all the affected 17 operating systems and their versions.

9 July 2025

Positive Technologies helps resolve zero-day vulnerability in Windows

Sergey Tarasov, Specialist at the Positive Technologies Expert Security Center, discovered a high-severity vulnerability affecting 37 desktop and server Windows operating systems, including Windows 11, Windows 10, Server 2025, Server 2022, and Server 2019 of various versions and architectures. The flaw in the NTFS file system driver could have led to privilege escalation on a user's computer if they opened a malicious virtual hard disk. Identified as CVE-2025-49689, the vulnerability was assigned a severity score of 7.8 on the CVSS 3.1 scale. Microsoft was notified under the responsible disclosure policy and released patches in July 2025.

7 July 2025

Positive Technologies expert helps fix vulnerability in the PHPOffice library

25 June 2025

Positive Technologies warns: phishing attacks increased by one-third over the past year

23 June 2025

Apple thanks Positive Technologies for discovering a vulnerability in its Shortcuts app

18 June 2025

Standoff at SPIEF 2025 to feature cyber exercises for blue teams from around the world

Thinking about the best way to protect your company?

During the consultation we'll propose a solution precisely tailored to your organization.