Safeguard
Tag

windows

Safeguard articles tagged "windows" — guides, analysis, and best practices for software supply chain and application security.

20 articles

Tools

Semgrep Community Fall 2025: Native Windows and 3x Multicore

Semgrep's Fall 2025 Community Edition ships native Windows binaries, a memory-efficient multicore engine, and up to 3x scan speedups. We benchmarked it.

Oct 30, 20256 min read
Vulnerability Analysis

CVE-2018-1271: Path traversal in Spring MVC static resour...

A path traversal flaw in Spring MVC's static resource handling let attackers on Windows deployments escape the web root and read arbitrary files.

Sep 22, 20257 min read
Vulnerability Analysis

Windows NTLM Hash Disclosure CVE-2025-24054: The Protocol That Won't Die

CVE-2025-24054 leaks NTLM hashes through .library-ms files with minimal user interaction. Microsoft patched it in April 2025, but exploitation started almost immediately.

Apr 15, 20256 min read
Vulnerability Analysis

Paragon Partition Manager BYOVD: CVE-2025-0289 Kernel-Level Exploitation

Five vulnerabilities in Paragon Partition Manager's kernel driver were exploited in BYOVD attacks, allowing attackers to gain SYSTEM privileges on Windows systems. Microsoft added the driver to its blocklist.

Mar 1, 20256 min read
Supply Chain Security

Chocolatey Package Security on Windows: What You Need to Know

Chocolatey is the de facto package manager for Windows automation. Its trust model and security features deserve more scrutiny than most teams give them.

Mar 12, 20245 min read
Vulnerabilities

CVE-2023-4807: The OpenSSL POLY1305 Flaw on Windows

A cryptographic MAC that silently trashes CPU registers: why CVE-2023-4807 only bites Windows builds of OpenSSL, what it can actually do, and which releases fix it.

Feb 27, 20245 min read
Container Security

Docker Desktop WSL2 Security Changes in 2022

Docker Desktop's WSL2 backend reshaped container security on Windows. Here is what changed in 2022 and the defects that forced those changes.

Nov 18, 20226 min read
Vulnerability Analysis

PrintNightmare CVE-2021-34527: The Windows Print Spooler Bug That Haunted Every Enterprise

PrintNightmare gave attackers SYSTEM-level access through the Windows Print Spooler service running on nearly every Windows machine. The patch rollout was a mess.

Jul 8, 20217 min read
windows (Page 2) — Safeguard Blog