Security News

Microsoft has shared a solution for Outlook users who have been experiencing search issues after upgrading to Windows 11. "This issue will happen with any account where the emails and other items are stored locally in PST or OST files such as POP and IMAP accounts," Microsoft says on its list of recent issues impacting Outlook for PC. "For Exchange and Microsoft 365 hosted accounts, this issue will affect offline search for the data in the locally stored OST files."

Microsoft has reversed a Windows 11 design change that made it highly annoying to change the default browser used by the operating system. Previously, web browsers could configure themselves as the default browser by modifying the Windows Registry.

Microsoft Edge is now displaying in-browser alerts that discourage users from downloading Google Chrome by bashing the popular browser. A few weeks later, Google began telling Microsoft Edge users to switch to Chrome to use browser extensions more securely.

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation on vulnerable systems. Tracked as CVE-2021-24084, the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain unauthorized file system access and read arbitrary files.

Microsoft has addressed a long list of issues and added more Windows 11 start menu customization options with the release of Windows 11 Insider Preview Build 22509 to the Dev Channel. The most critical issues fixed in this new development build led to update and installation problems that blocked Windows 11 users from deploying new builds.

The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. Since researchers disclosed the vulnerabilities, threat actors have begun to exploit them to breach servers and install web shells, coin miners, and ransomware.

Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. Windows system admins are reporting that this is happening since updating Microsoft's enterprise endpoint security platform definitions to version 1.353.1874.0. While Microsoft hasn't yet shared any info on what causes this, the most likely reason is that the company has increased the sensitivity for detecting Emotet-like behavior in updates released today, which makes Defender's generic behavioral detection engine too sensitive prone to false positives.

A sad-faced Microsoft engineer has had to reset the "Days since we last shot ourselves in the foot" counter at the company's HQ after a security update broke Microsoft Defender for Endpoint on Windows Server Core. The latter included the LTSC editions of Windows 10 as Microsoft pointed out, only devices with a Windows Server Core installation were affected.

Microsoft has confirmed a new issue impacting Windows Server devices preventing the Microsoft Defender for Endpoint security solution from launching on some systems. The enterprise endpoint security platform might fail to start or run on devices with a Windows Server Core installation.

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. The phishing campaign, which began in July 2021, involved the exploitation of CVE-2021-40444, a remote code execution flaw that could be exploited using specially crafted Microsoft Office documents.