Security News

After a lengthy discussion between staff at Mozilla and Apple, security researchers and the CA itself, Mozilla program manager Kathleen Wilson said the org's concerns were "Substantiated" enough to set a distrust date of November 30 for TrustCor's root certificates. Microsoft didn't participate in the conversation; instead, TrustCor executive Rachel McPherson claimed that Microsoft had set a distrust date of November 1 for her company's certs.

Google's Threat Analysis Group said on Wednesday that its researchers discovered commercial spyware called Heliconia that's designed to exploit vulnerabilities in Chrome and Firefox browsers as well as Microsoft Defender security software. The three components perform the following functions: Heliconia Noise is a web framework for deploying an exploit for a Chrome renderer bug followed by a sandbox escape; Heliconia Soft is a web framework that deploys a PDF containing a Windows Defender exploit; and Files is a set of Firefox exploits for Linux and Windows.

There are also more security options for what Teams product marketing director Caroline Stanford called "Cone of silence" meetings at the recent Microsoft Ignite conference; those are the digital version of board meetings, financial planning meetings or reviews of unannounced products in the office "With the blinds closed and the door locked." Plus, you can use Microsoft Purview Information Protection sensitivity labels to apply the right settings for specific kinds of meetings.

Microsoft says that parts of the Task Manager might become unreadable for some customers after installing this month's KB5020044 preview update for Windows 11 22H2 systems. On affected devices, users might see that some user interface elements of the Task Manager are being shown using unexpected colors, making them unreadable.

Microsoft has addressed a known issue leading to significant performance hits when copying large files over SMB after installing the Windows 11 2022 update. "There is a performance reduction in 22H2 when copying larger files from a remote computer down to a Windows 11 computer or when copying files on a local drive," explained Microsoft's Ned Pyle when acknowledging the issue more than a month ago in early October.

"Initially, built-in protection will include turning tamper protection on for your tenant, with other default settings coming soon," Microsoft explains.In September, Redmond added that it would soon enable tamper protection by default on all Microsoft Defender for Endpoint onboarded systems, locking Microsoft Defender Antivirus to secure default values and preventing any security settings changes.

Those affected may be unaware that their devices run services using the discontinued Boa web server, and that firmware updates and downstream patches do not address its known vulnerabilities. Boa is an open-source web server designed for embedded applications and used to access settings, management consoles, and sign-in screens in devices.

Microsoft announced today that the Store version of Windows Subsystem for Linux is generally available for Windows 10 and 11 customers. Following customer requests, all Windows 10 users can now use Linux GUI apps after updating to the Microsoft Store version.

Microsoft is investigating and working on fixing Remote Desktop issues on Windows 11 systems after installing the Windows 11 2022 Update. "After installing Windows 11, version 22H2, the Windows Remote Desktop application might stop responding when connecting via a Remote Desktop gateway or Remote Desktop Connection Broker," the company explained.

A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections. To find out, CoreView experts reviewed the most common problems to understand what companies are doing well and reveal gaps in IT management strategies.