Security News

Microsoft has updated the Windows Subsystem for Android in Windows 11 to make telemetry collection optional and announced an upgrade to Android 12.1. "To help us make Windows Subsystem for Android better and provide useful telemetry about Android app usage, please enable this setting in the Windows Subsystem for Android Settings app!".

Microsoft has released out-of-band updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps. This known issue affects devices running Windows 10 where users have installed the KB5011831 optional preview cumulative update or other updates released since April 25th. "After installing KB5011831 or later updates, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store," Microsoft explained on the Windows health dashboard.

Microsoft has released an out-of-band patch to deal with an authentication issue that was introduced in the May 10 Windows update. Multiple administrators complained last week that after installing the May 10 patch, they experienced authentication failures across several systems.

Microsoft search engine Bing censors terms deemed sensitive in China from its autosuggestion feature internationally, according to research from Citizen Lab. The University of Toronto research organization analyzed the search engine's autosuggestion system for censorship of nearly 100,000 names in the United States, Canada and China in both English letters and Chinese characters.

Microsoft has released emergency out-of-band updates to address Active Directory authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers. "After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server, Routing and Remote access Service, Radius, Extensible Authentication Protocol, and Protected Extensible Authentication Protocol," Microsoft explained.

A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today. XorDDoS is known for targeting a multitude of Linux system architectures, from ARM to x64, and compromising vulnerable ones in SSH brute-force attacks.

During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform. The first to fall was Microsoft Teams in the enterprise communications category after Hector Peralta exploited an improper configuration flaw.

Microsoft has released the first ISO image for the new Windows 11 Preview builds in the Dev channel, allowing Windows Insiders to perform clean installs of the operating system. Last week, Microsoft again started offering different Windows 11 builds in the 'Dev' and 'Beta' channels, with the beta channel receiving Windows 11 build 22621 and the Dev channel receiving Windows 11 build 25115.

Microsoft warned of brute-forcing attacks targeting Internet-exposed and poorly secured Microsoft SQL Server database servers using weak passwords. Similar attacks against MSSQL servers were reported in March when they were targeted to deploy Gh0stCringe remote access trojans.

Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at making it harder for attackers to worm their way into your systems through partners. Microsoft reckons that users with regulatory requirements to only offer outsiders least-privileged access will appreciate GDAP. GDAP will become generally available "By early June 2022" according to a Microsoft notice for partners.