Security News

Microsoft says that some applications might fail to backup data using Volume Shadow Copy Service after applying the June 2022 Patch Tuesday Windows updates."After you install the June 14, 2022 or a later Windows update, operations related to shadow copies on an Application Server running VSS aware Server Applications that store data on remote SMB 3.0 or later file shares may fail for SMB shares hosted on a File Server," Microsoft explains.

Microsoft claims to have finally fixed the Follina zero-day flaw in Windows as part of its June Patch Tuesday batch, which included security updates to address 55 vulnerabilities. Criminals and snoops can abuse the remote code execution bug, tracked as CVE-2022-30190, by crafting a file, such as a Word document, so that when opened it calls out to the Microsoft Windows Support Diagnostic Tool, which is then exploited to run malicious code, such spyware and ransomware.

June 2022 Patch Tuesday has been marked by Microsoft with the release of fixes for 55 new CVEs, as well as security updates that fix Follina, the Microsoft Windows Support Diagnostic Tool RCE that is being widely exploited by attackers. "The update for is in the June 2022 cumulative Windows Updates. Microsoft strongly recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action," the company noted.

Microsoft has released security updates with the June 2022 cumulative Windows Updates to address a critical Windows zero-day vulnerability known as Follina and actively exploited in ongoing attacks. "Microsoft recommends installing the updates as soon as possible," the company further urged customers in a post on the Microsoft Security Response Center.

Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT 'Follina' zero-day vulnerability and new Intel MMIO flaws. Microsoft has fixed the widely-exploited Windows Follina MSDT zero-day vulnerability tracked as CVE-2022-30190 in the June 2022 Updates.

Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities. Two weeks after the initial compromise using an unpatched Exchange server as an entry vector, the threat actor deployed BlackCat ransomware payloads across the network via PsExec.

A new feature in Microsoft Defender for Endpoint can make it more difficult for attackers to perform lateral movement within company networks, as it allows admins to prevent traffic flowing to and from unmanaged devices that have been compromised. "While devices enrolled in Microsoft Defender for Endpoint can be isolated to prevent bad actors from compromising other devices, responding to a compromised device not enrolled in Microsoft Defender for Endpoint can be a challenge for organizations today," noted Yossi Basha, Principal Product Manager, M365 Defender at Microsoft.

Microsoft is finally rolling out the new File Explorer tabbed interface with the release of Windows 11 Insider Preview Build 25136 to the Dev Channel. "To help you work across multiple locations at the same time, the title bar of File Explorer now has tabs. We'd love your feedback on which tabs features you'd like to see next," the Windows Insider team said.

Microsoft has announced a new feature for Microsoft Defender for Endpoint to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network.There's a catch: the new MDE capability works only with onboarded devices running Windows 10 and later or Windows Server 2019 and later.

Major supply-chain attacks of recent years - we're talking about SolarWinds, Kaseya and Log4j to name a few - are "Just the tip of the iceberg at this point," according to Aanchal Gupta, who leads Microsoft's Security Response Center. As the head of MSRC, Gupta has a unique vantage point.