Security News

Microsoft has removed a compatibility hold after fixing lower-than-expected performance or stuttering in some games affecting some Windows 11, version 22H2 systems. Compatibility holds are added by Redmond based on diagnostic data and known issues to block Windows upgrades on affected devices.

Microsoft now has an advisory out that's blaming rogue partners. The problem with certified kernel drivers, of course, is because they have to be signed by Microsoft, and because driver signing is compulsory on Windows, it means that if you can get your kernel driver signed, you don't need hacks or vulnerabilities or exploits to be able to load one as part of a cyberattack.

Microsoft has confirmed that from the beginning of 2023, it will introduce an EU Data Boundary solution designed to help customers in the European Union and the European Free Trade Association comply with legislation including the General Data Protection Regulation. From January 1st, the Redmond tech monster promises to give customers the ability to store and process their customer data within the EU Data Boundary for Microsoft 365, Azure, Power Platform and Dynamics 365 services.

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958, the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation Security Mechanism.

Microsoft says it has suspended several third-party developer accounts that submitted malicious Windows drivers for the IT giant to digitally sign so that the code could be used in cyberattacks. These moves come after eggheads at Google-owned Mandiant, SentinelOne, and Sophos told Microsoft in October that multiple cybercrime gangs were using malicious third-party-developed Microsoft-signed kernel-mode hardware drivers to help spread ransomware.

Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver payloads in Magniber ransomware attacks. The attackers used malicious standalone JavaScript files to exploit the CVE-2022-44698 zero-day to bypass Mark-of-the-Web security warnings displayed by Windows to alert users that files originating from the Internet should be treated with caution.

Multiple editions of Windows 10 21H1 have reached their end of service on this month's Patch Tuesday, as Microsoft reminded customers yesterday. Since Windows 10 21H1 will no longer receive security updates, customers are advised to upgrade to the latest release as soon as possible to avoid exposing their systems to attacks exploiting unpatched security vulnerabilities.

Microsoft has addressed an LSASS memory leak issue on some domain controllers that led to freezes and restarts after installing Windows Server updates released during last month's Patch Tuesday. LSASS enforces Windows security policies and handles user logins.

Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware. One notable aspect of these attacks was that the adversary had already obtained administrative privileges on compromised systems before using the drivers.

Microsoft says Windows Server updates released during December's Patch Tuesday will trigger errors when trying to create new virtual machines on some Hyper-V hosts. [...]