Security News

Microsoft fixes Secure Boot zero-day used by BlackLotus UEFI malware
2023-05-09 18:45

Microsoft has released security updates to address a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware to infect fully patched Windows systems. According to a Microsoft Security Response Center blog post, the security flaw was used to bypass patches released for CVE-2022-21894, another Secure Boot bug abused in BlackLotus attacks last year.

Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
2023-05-09 17:50

Today is Microsoft's May 2023 Patch Tuesday, and security updates fix three zero-day vulnerabilities and a total of 38 flaws. Today's Patch Tuesday is one of the smallest in terms of resolved vulnerabilities, with only thirty-eight vulnerabilities fixed, not including eleven Microsoft Edge vulnerabilities fixed last week, on May 5th. Three zero-days fixed.

Microsoft Authenticator push notifications get number matching
2023-05-09 10:51

Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. "If the user has a different default authentication method, there's no change to their default sign-in. If the default method is Authenticator, they get number matching," Microsoft clarified, and noted that users can't opt out of this feature.

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
2023-05-09 08:53

Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant's threat intelligence team said it observed both Mango Sandstorm and Mint Sandstorm weaponizing CVE-2023-27350 in their operations to achieve initial access.

Microsoft enforces number matching to fight MFA fatigue attacks
2023-05-08 16:25

Microsoft has started enforcing number matching in Microsoft Authenticator push notifications to fend off multi-factor authentication fatigue attacks. As previously announced, Microsoft will start enforcing number matching for Microsoft Authenticator MFA alerts to block MFA fatigue attack attempts across tenants beginning today.

Microsoft: Iranian hacking groups join Papercut attack spree
2023-05-08 14:47

Microsoft says Iranian state-backed hackers have joined the ongoing assault targeting vulnerable PaperCut MF/NG print management servers. "The PaperCut exploitation activity by Mint Sandstorm appears opportunistic, affecting organizations across sectors and geographies," the Microsoft Threat Intelligence team said.

Microsoft testing improved Explorer details pane, Windows Spotlight
2023-05-04 18:04

Microsoft has released a new Windows 11 dev build that modernizes the File Explorer details pane, improves the Windows Spotlight lock screen feature, and expands the "Notification badging" rollout in the Start menu. "We are introducing a modernized details pane in File Explorer designed to help you easily access related content, stay up to date with file activity, and collaborate without even opening a file," said Microsoft's Amanda Langowski and Brandon LeBlanc.

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
2023-05-04 13:19

Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to sensitive information or backend services. This includes two server-side request forgery flaws and one instance of unrestricted file upload functionality in the API Management developer portal, according to Israeli cloud security firm Ermetic.

Microsoft is busy rewriting core Windows code in memory-safe Rust
2023-04-27 20:45

Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. Microsoft showed interest in Rust several years ago as a way to catch and squash memory safety bugs before the code lands in the hands of users; these kinds of bugs were at the heart of about 70 percent of the CVE-listed security vulnerabilities patched by the Windows maker in its own products since 2006.

Microsoft: Windows 10 22H2 is the final version of Windows 10
2023-04-27 18:06

Microsoft says Windows 10, version 22H2 will be the last feature update to be released for the Windows 10 operating system. Windows 10 22H2 reached general availability in October 2022 and entered broad deployment on November 18, 2022.