Security News

Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon. The KB5031445 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, which are typically released on the fourth Tuesday of every month.

The number of Cisco IOS XE devices detected with a malicious backdoor implant has plummeted from over 50,000 impacted devices to only a few hundred after the attackers updated the backdoor to hide infected systems from scans. This week, Cisco warned that hackers exploited two zero-day vulnerabilities, CVE-2023-20198 and CVE-2023-20273, to hack over 50,000 Cisco IOS XE devices to create privileged user accounts and install a malicious LUA backdoor implant.

According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems. When it released the buggy cumulative updates, the company revised the support document for KB5031364, including and removing a known issue related to VMware ESXi, describing boot issues encountered by guest VMs operating Windows Server 2022 with Secure Boot enabled.

ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish "Malware delivery via fake browser updates" campaigns, Sekoia researchers have concluded. Subsequently downloaded payloads create an iframe element to host the fake update interface, download that interface, and the fake update content and HTML page.

Microsoft has resolved a known issue that caused Windows 10 security updates released during this month's Patch Tuesday to fail with 0x8007000d errors. For systems impacted by this issue, specifically Windows 10 21H2 and Windows 10 22H2, the KB5031356 security update would fail despite displaying initial progress during deployment.

This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts. Starting in late August and into September 2023, there has been an elevated number of reports about compromised Steamworks accounts and the attackers uploading malicious builds that infect players with malware.

Microsoft says Windows 10 security updates released during this month's Patch Tuesday may fail to install with 0x8007000d errors, although initially displaying progress. On systems affected by this known issue running client platforms, the KB5031356 security update will fail to complete installation.

Microsoft has released the KB5031356 cumulative update for Windows 10 21H2 and Windows 10 22H2, with twenty-five fixes for various issues. KB5031356 is a mandatory Windows 10 cumulative update containing the October 2023 Patch Tuesday security updates.

Microsoft has released the Windows 11 22H2 KB5031354 cumulative update to fix security vulnerabilities. KB5031354 is a mandatory Windows 11 cumulative update containing the October 2023 Patch Tuesday security updates.

The November Patch Tuesday cumulative update will include the Moment 4 features and updates. This patch Tuesday will include the last updates for Windows 11 21H2 and Microsoft Server 2012/2012 R2. The later go into Extended Security Support starting with a November release, and Microsoft also announced the keys used to enable these updates will be managed as part of Azure Arc.