Security News

Microsoft has removed a compatibility hold blocking Windows 11 upgrades for Windows 10 customers after fixing a known issue leading to problems importing Internet Explorer 11 data into Microsoft Edge. The only customers impacted by the now-fixed known issue were those who didn't import their IE11 information into Microsoft Edge before starting the Windows 11 upgrade process.

Microsoft now allows enterprise admins to re-enable the MSIX ms-appinstaller protocol handler disabled after Emotet abused it to deliver malicious Windows App Installer packages. App Installer allows users to install Windows applications directly from a web server using an MSIX package or App Installer file without first downloading the installers to their computer.

Microsoft has added a new safeguard hold blocking Windows 11 upgrades for Windows 10 customers who don't import their Internet Explorer 11 data into Microsoft Edge before trying to install the newest Windows version. "After upgrading to Windows 11, saved information and data from Internet Explorer 11 might not be accessible if you did not accept to import it into Microsoft Edge before the upgrade," Microsoft explained in the Windows health dashboard.

Phishing attacks are abusing Microsoft Azure's Static Web Apps service to steal Microsoft, Office 365, Outlook, and OneDrive credentials. Azure Static Web Apps is a Microsoft service that helps build and deploy full-stack web apps to Azure from GitHub or Azure DevOps code repositories.

Phishing actors are actively abusing Calendly to kick off a clever sequence to trick targets into entering their email account credentials on the phishing page. The phishing attack begins with phishing emails generated on the Calendly platform that inform the recipient they received new Fax documents.

SentinelOne this week detailed a handful of bugs, including two critical remote code execution vulnerabilities, it found in Microsoft Azure Defender for IoT. These security flaws, which took six months to address, could have been exploited by an unauthenticated attacker to compromise devices and take over critical infrastructure networks. Microsoft Azure Defender for IoT is supposed to detect and respond to suspicious behavior as well as highlight known vulnerabilities, and manage patching and equipment inventories, for Internet-of-Things and industrial control systems.

Google Chrome and Microsoft Edge have been updated to patch a security flaw an exploit for which is said to be in the wild. Chromium is at the heart of Google Chrome as well as Microsoft Edge.

The distribution of the IcedID malware has seen a spike recently due to a new campaign that hijacks existing email conversation threads and injects malicious payloads that are hard to spot.The ongoing IcedID campaign was discovered this month by researchers at Intezer, who have shared their findings with Bleeping Computer prior to publication.

Lapsus$ gang says it has breached Okta and MicrosoftAfter breaching NVIDIA and Samsung and stealing and leaking those companies' propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta. How to become a passwordless organizationIn this interview with Help Net Security, Den Jones, CSO at Banyan Security, explains the benefits of implementing passwordless authentication and the process every organization has to go through when deploying such technology.

Microsoft says Windows 7 recovery discs created using the Control Panel Backup and Restore app will fail to start after installing Windows updates released since January 11, 2022. While Microsoft did not explain why this happens, it said the recovery discs would work on systems where the problematic updates weren't installed.