Handler on Duty: Manuel Humberto Santander Pelaez
Threat Level: green
Podcast Detail
SANS Stormcast Friday, July 17th, 2026: Windows Hello for Business; NGINX Vuln; 7-zip vuln
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/10012.mp3
My Next Class
Click HERE to learn more about classes Johannes is teaching for SANS
German Federal Information Security Office Analyzes Windows Hello for Business
https://www.heise.de/en/news/BSI-dissects-Windows-Hello-Where-Microsoft-s-login-reaches-its-limits-11366125.html
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Windows_dissected/AP1_Windows-Hello-for-Business.pdf?__blob=publicationFile&v=7
NGINX Vulnerability
https://my.f5.com/manage/s/article/K000162097
7-Zip XZ Decompression CVE-2026-14266
https://www.zerodayinitiative.com/advisories/ZDI-26-444/
My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich
| Application Security: Securing Web Apps, APIs, and Microservices | Online | British Summer Time | Jul 27th - Aug 1st 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 21st - Sep 25th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 14th - Dec 18th 2026 |





