The Daily Swig
20-year-old bug in legacy Microsoft code plagues all windows users
Threatpost
Possible attacks, according to Chris Morales, head of security analytics at Vectra, include sending commands to an elevated command window, reading passwords out of dialogs or escaping app container sandboxes by sending data to an uncontained app.