Security News

Microsoft has confirmed that last month's Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service process crashes. "In rare instances, Windows Servers running the Domain Controller role might experience Local Security Authority Subsystem Service crashes resulting in a reboot," Microsoft explains in a new update added to the Windows release health dashboard.

Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. Yesterday, BleepingComputer received multiple reports that reCaptcha stopped working in the latest version of Mozilla Firefox, with the issues also reported on Twitter and Reddit.

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The list of impacted Windows versions and buggy security updates includes Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008.

Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update."

Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and...

Microsoft has enabled Start menu ads in the optional KB5036980 preview cumulative update for Windows 11 22H2 and 23H2. The company first announced that it was working on adding ads to the Windows 11 Start menu just 12 days ago when it began rolling out this feature to Insiders in the Beta Channel to help users discover "Great apps" available in the Microsoft Store. While it also said that it regularly tries "Out new experiences and concepts that may never get released with Windows Insiders to get feedback," Redmond has now turned on the Start menu ads for all customers who install the optional April 2024 non-security preview update.

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat...

Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates.Although the April 2024 HU is optional, it also adds support for ECC certificates and Hybrid Modern Authentication for OWA/ECP. If you have installed the March 2024 SU and have not experienced any known issues fixed in the optional update and do not need the new features, you can wait for the next Exchange Server SU, which will also include these hotfixes.

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. Researchers describe GuptiMiner as "a highly sophisticated threat" that can perform DNS requests to the attacker's DNS servers, extract payloads from images, sign its payloads, and perform DLL sideloading.

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the...