Security News

Microsoft is investigating a known issue causing authentication failures for some Windows services after installing updates released during the May 2022 Patch Tuesday. Microsoft says the known issue is only triggered after installing the updates on servers used as domain controllers.

Microsoft says multiple editions of Windows 10 20H2 and Windows 10 1909 have reached their end of service on this month's Patch Tuesday, on May 10, 2022. This announcement comes after multiple reminders, including those issued this year in February and April, prompting customers to upgrade since Windows 10 20H2 will reach EOS for Windows 10 Home, Pro, Pro Education, and Pro for Workstations users.

Microsoft has revealed 73 new patches for May's monthly update of security fixes, including a patch for one flaw-a zero-day Windows LSA Spoofing Vulnerability rated as "Important"-that is currently being exploited with man-in-the-middle attacks. The software giant's monthly update of patches that comes out every second Tuesday of the month-known as Patch Tuesday-also included fixes for seven "Critical" flaws, 65 others rated as "Important," and one rated as "Low."

Microsoft has addressed a known issue causing apps using Direct3D 9 to experience problems after installing April 2022 cumulative updates, including crashes and errors on systems using certain GPUs. The problems affect systems running Windows 11 and Windows 10, where users have installed the KB5012643 and KB5011831 optional preview cumulative updates.

Security researchers have found a new post-exploitation framework that they dubbed IceApple, deployed mainly on Microsoft Exchange servers across a wide geography. The researchers observed IceApple being deployed after the threat actor obtains initial access to the network belonging to organizations in various activity sectors: technology, academic, and government.

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. The updates are in addition to 36 flaws patched in the Chromium-based Microsoft Edge browser on April 28, 2022.

Microsoft patched 74 security flaws in its May Patch Tuesday batch of updates. At least one of the vulnerabilities disclosed is under active attack with public exploit code, according to Redmond, while two others are listed as having public exploit code.

May 2022 Patch Tuesday is here, and Microsoft has marked it by releasing fixes for 74 CVE-numbered vulnerabilities, including one zero-day under active attack and two publicly known vulnerabilities. First and foremost, we have CVE-2022-26925, an "Important" spoofing vulnerability in Windows Local Security Authority that may turn into a "Critical" one if combined with NTLM relay attacks.

Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager security protocol. The vulnerability, tracked as CVE-2022-26925 and reported by Bertelsmann Printing Group's Raphael John, has been exploited in the wild and seems to be a new vector for the PetitPotam NTLM relay attack.

Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. Of the 75 vulnerabilities fixed in today's update, eight are classified as 'Critical' as they allow remote code execution or elevation of privileges.