Security News

FinFisher malware hijacks Windows Boot Manager with UEFI bootkit
2021-09-28 17:46

Commercially developed FinFisher malware can now infect Windows devices using a UEFI bootkit that it injects into the Windows Boot Manager. "During our research, we found a UEFI bootkit that was loading FinSpy. All machines infected with the UEFI bootkit had the Windows Boot Manager replaced with a malicious one," Kaspersky researchers revealed today.

Microsoft pulls Windows 10 AMD driver causing PCs not to boot
2021-05-08 17:14

Microsoft has pulled an AMD driver from Windows Update after numerous people reported that it prevents Windows 10 from starting and displays an "INACCESSIBLE BOOT DEVICE" error. When hardware manufacturers release new drivers for Windows 10, they get added to Windows Update as an optional driver update that users can install.

Windows Defender bug fills Windows 10 boot drive with thousands of files
2021-05-05 15:29

A Windows Defender bug creates thousands of small files that waste gigabytes of storage space on Windows 10 hard drives. The bug started with Windows Defender antivirus engine 1.1.18100.

GRUB2 boot loader reveals multiple high severity vulnerabilities
2021-03-03 19:37

GRUB, a popular boot loader used by Unix-based operating systems, has fixed multiple high severity vulnerabilities. In 2020, BleepingComputer had reported on the BootHole vulnerability in GRUB2 that could have let attackers compromise an operating system's booting process even if the Secure Boot verification mechanism was active.

Windows 10 Secure Boot update triggers BitLocker key recovery
2021-02-16 17:38

Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot. Windows versions affected by this vulnerability include multiple Windows 10 releases, Windows 8.1, Windows Server 2012 R2, and Windows Server 2012.

Google Play Boots Barcode Scanner App After Ad Explosion
2021-02-09 22:31

A barcode scanner app with over 10 million downloads was booted from the Google Play marketplace after users began to complain of mobile-ad overload. The makers of the app, called Barcode Scanner, intentionally altered the code of the app via an update, turning it from a benign app into adware, according to researchers. Tipped off by a user, researchers at Malwarebytes explained that the publisher added new, heavily obfuscated code to the app that directed the default mobile web browser to launch and serve up ads, whether the barcode app was active or not.

Google Boots 164 Apps from Play Marketplace for Shady Ad Practices
2021-01-15 16:19

Google has removed 164 apps, downloaded a total of 10 million times, from its Google Play marketplace because they were delivering "disruptive" ads, considered malicious. The problem continues to plague Google despite numerous efforts by the company to prevent "malicious developers" from submitting their apps to its Google Play marketplace.

Microsoft fixes Secure Boot bug allowing Windows rootkit installation
2021-01-13 11:24

Microsoft has fixed a security feature bypass vulnerability in Secure Boot that allows attackers to compromise the operating system's booting process even when Secure Boot is enabled. "An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software," Microsoft explains.

Microsoft fixes Windows 10 chkdsk bug causing boot failures
2020-12-21 08:43

Microsoft has acknowledged a new issue impacting Windows 10 customers that might cause booting to fail on devices where the chkdsk tool has been used to repair logical file system errors. Chkdsk is a command-line utility that can be used to check a Windows device's volumes for file system and file system metadata logical and physical errors.

Google Boots 21 Bogus Gaming Apps from Play Marketplace
2020-10-27 12:10

Researchers have discovered a raft of malicious gaming apps on Google Play that come loaded with adware, signaling that the tech giant continues to struggle with keeping bad apps off its online marketplace. These endeavors include stronger vetting mechanisms (which resulted in more than 790,000 apps that violate Google's policies for app submission being stopped last year before they were ever published) as well as an alliance with three endpoint security firms to help stop malicious apps before they get to Google Play.