Security News

Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines deployed on VMware ESXi hosts. The company confirmed the issue days later, saying it only affects guest VMs on VMware ESXi hosts with an AMD Epyc physical processor, the "Expose IOMMU to guest OS" VMware option toggled on, and Virtualization Based Security and System Guard Secure Launch enabled in Windows Server 2022.

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of...

Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update that enables Windows 11 Moment 4 features for everyone.

Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues. KB5032189 is a mandatory Windows 10 cumulative update containing the November 2023 Patch Tuesday security updates.

The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit...

Windows 11 23H2 is now out and it comes with tons of new features. Despite promising features like easily switching to dark mode, the AI integration feels more like a web wrapper than a native feature of Windows 11.

Microsoft has released the optional KB5031455 Preview cumulative update for Windows 11 22H2, which enables 72 new Moment 4 features by default and fixes 22 issues. The KB5031455 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, released on the fourth week of every month.

Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon. The KB5031445 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, which are typically released on the fourth Tuesday of every month.

The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious LUA backdoor implant.

According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems. When it released the buggy cumulative updates, the company revised the support document for KB5031364, including and removing a known issue related to VMware ESXi, describing boot issues encountered by guest VMs operating Windows Server 2022 with Secure Boot enabled.