Security News

Microsoft warned today that it will permanently turn off Exchange Online basic authentication starting early January 2023 to improve security. "Beginning in early January, we will send Message Center posts to affected tenants about 7 days before we make the configuration change to permanently disable Basic auth use for protocols in scope," The Exchange Team said on Tuesday.

When we woke up this morning, our cybersecurity infofeed was awash with "News" that Apple had just patched a security hole variously described a "Gnarly bug", a "Critical flaw" that could leave your Macs "Defenceless", and the "Achilles' heel of macOS". This isn't a new bug, it's just some new information about a bug that Apple fixed last week.

Security researchers at Microsoft have discovered a bug in macOS that lets malicious apps bypass Apple's Gatekeeper security software "For initial access by malware and other threats." Gatekeeper has been a part of macOS for a decade and is used to validate that apps are signed and notarized before allowing them to be launched.

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles, was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic issue that could be weaponized by an app to circumvent Gatekeeper checks.

Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. Found and reported by Microsoft principal security researcher Jonathan Bar Or, the security flaw is now tracked as CVE-2022-42821.

Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. Apple addressed the bug in macOS 13, macOS 12.6.2, and macOS 1.7.2 one week ago, on December 13.

Microsoft is investigating a known issue leading to Blue Screen of Death crashes with 0xc000021a errors after installing the Windows 10 KB5021233 cumulative update released during this month's Patch Tuesday. The company warned over the weekend that "After installing KB5021233, some Windows devices might start up to an error with a blue screen."

Microsoft has confirmed that Windows Update won't offer optional updates in December, with the software giant only focusing on security updates due to the holiday season. That means Windows 10 and all supported versions of Windows 11, including Server versions, and even Windows 8, won't get additional updates this month.

Microsoft has confirmed that Windows Update won't offer optional updates in December, with the software giant only focusing on security updates due to the holiday season. That means Windows 10 and all supported versions of Windows 11, including Server versions, and even Windows 8, won't get additional updates this month.

State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP!An unauthenticated remote code execution flaw is being leveraged by a Chinese state-sponsored group to compromise Citrix Application Delivery Controller deployments, the US National Security Agency has warned. Microsoft fixes exploited zero-day, revokes certificate used to sign malicious driversIt's December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw exploited by attackers to deliver a variety of malware.