Security News

Microsoft has fixed a known issue affecting Windows apps using ODBC database connections after installing the November 2022 Patch Tuesday updates. This issue impacts both client and server Windows platforms, from Windows 7 SP1 and Windows Server 2008 SP2 up to the latest released Windows 11 and Windows Server 2022.

To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild and one that's been publicly disclosed. The one publicly disclosed vulnerability - CVE-2023-21549, in Windows SMB Witness - is apparently less likely to be exploited in the latest Windows and Windows Server versions, even though attack complexity and privileges required are low, and no user interaction is needed.

Microsoft has addressed a known issue causing Blue Screen of Death crashes with 0xc000021a errors after installing the Windows 10 KB5021233 cumulative update released during the December Patch Tuesday. The issue was fixed in the KB5022282 update issued today for all Windows 10 versions currently under support.

Today is Microsoft's January 2023 Patch Tuesday, and with it come fixes for an actively exploited zero-day vulnerability and a total of 98 flaws. This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.'

The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. "Recently, we identified a widespread campaign of Kinsing that targeted vulnerable versions of WebLogic servers," reads a report by Microsoft security researcher Sunders Bruskin.

Microsoft has addressed a known issue breaking provisioning on Windows 11 22H2 systems and leaving enterprise endpoints partially configured and failing to finish installing. The issue was first acknowledged in October 2022 when Redmond said using provisioning packages after installing the Windows 11 2022 Update might not work as expected, failing with 0x800700b7 errors.

Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023. The Extended Security Update program was the last resort option for customers who still needed to run legacy Microsoft products past their end of support on Windows 7 systems.

Microsoft has shed light on four different ransomware families - KeRanger, FileCoder, MacRansom, and EvilQuest - that are known to impact Apple macOS systems. The initial vector for these ransomware families involves what the Windows maker calls "User-assisted methods," wherein the victim downloads and installs trojanized applications.

Microsoft has reminded customers that the extended support for all editions of Windows Server 2012 and Windows Server 2012 R2 will end on October 10. Although Windows Server 2012 reached its mainstream support end date over four years ago, in October 2018, Microsoft pushed back the end date for extended support five years to allow customers to migrate to newer, under-support Windows Server versions.

Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and deploy ransomware. CrowdStrike researchers reported this week that the Play ransomware operation utilized a new Microsoft Exchange attack dubbed 'OWASSRF' that chained exploits for CVE-2022-41082 and CVE-2022-41080 to gain initial access to corporate networks.