Security News
Microsoft has started the forced rollout of Windows 10, version 21H2 to more devices approaching the end of service as part of a first machine learning training phase. Windows 10 21H2 is also rolling out to seekers on Windows 10 2004 or newer through a fast update experience similar to a monthly update.
Microsoft released a list of twenty-five group policies that admins should not use in Windows 10 and Windows 11 as they do not provide optimal behavior or cause unexpected results. Windows Senior Program Manager Aria Carley hinted in December warned admins that admins should avoid using various group policies in Windows 10 and Windows 11.
Lenovo at CES announced new ThinkPads with AMD's Ryzen chips, and the laptops will ship without Pluton turned on. "Pluton will be disabled by default on 2022 Lenovo ThinkPad platforms. Specifically the Z13, Z16, T14, T16, T14s, P16s and X13 using AMD 6000-series processors. Customers will have the ability to enable Pluton themselves," a Lenovo spokesperson told The Register.
"Pluton will be disabled by default on 2022 Lenovo ThinkPad platforms. Specifically the Z13, Z16, T14, T16, T14s, P16s and X13 using AMD 6000-series processors. Customers will have the ability to enable Pluton themselves," a Lenovo spokesperson told The Register. Pluton is designed for Windows PCs, and support for Linux "Is currently an unsupported scenario," Microsoft spokesperson told The Register.
Threat actors have weaponized a newly discovered bug in SolarWinds Serv-U file-sharing software to launch Log4j attacks against networks' internal devices, Microsoft warned on Wednesday. SolarWinds fixed the vulnerability in Serv-U version 15.3, released on Tuesday.
The Microsoft RDP vulnerability is a serious problem, but with a few caveats: It's been patched, and experts say it may be less likely to happen than it seems at first glance. A recently discovered vulnerability in Microsoft's remote desktop protocol goes back to Windows Server 2012 R2 and lets anyone who can connect to an RDP session gain near total control over other RDP users, launching a man-in-the-middle attack.
Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.
Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.
SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network. Microsoft says they discovered the vulnerability during their monitoring of the Log4j attacks.
A Microsoft developer document has leaked the company's plans for third-party widgets coming soon to the Windows 11 Widgets feature. With Windows 11, Microsoft converted the feature into a new app called 'Widgets,' which also pops up from the Windows taskbar.