Security News

Embattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the soon-to-be-banned biz thanked its customers for "Choosing and trusting Kaspersky throughout the years."

BeaverTail refers to a JavaScript stealer malware that was first documented by Palo Alto Networks Unit 42 in November 2023 as part of a campaign dubbed Contagious Interview that aims to infect software developers with malware through a supposed job interview process. Securonix is tracking the same activity under the moniker DEV#POPPER. Besides siphoning sensitive information from web browsers and crypto wallets, the malware is capable of delivering additional payloads like InvisibleFerret, a Python backdoor that's responsible for downloading AnyDesk for persistent remote access.

Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later. This new type of update will deliver security fixes and new features via smaller, incremental differentials that include only changes added since the previous checkpoint cumulative update.

Microsoft has finally fixed a known Outlook issue, confirmed in February, which was triggering incorrect security alerts after installing the December security updates for Outlook Desktop. The company acknowledged the bug in early February after many Microsoft 365 users reported seeing unexpected warnings that "This location may be unsafe" and "Microsoft Office has identified a potential security concern" when double-clicking ICS calendar files.

A smartphone's unique Bluetooth fingerprint could be used to track the device's user-until now. A team of researchers has developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability.

Microsoft has confirmed that Windows Server updates from last month's Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. "Devices which have installed Windows Server updates released June 11, 2024 might experience problems with Microsoft 365 Defender," the company explained on the Windows Server health dashboard.

Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. "After installing the June 2024 Windows preview update, released June 25, 2024 and later updates, you might face issues using Windows Update Agent API from your script while searching for Windows updates," Microsoft explained on Friday.

Over the last month, Microsoft 365 and Microsoft Office users have been experiencing "30088-27" errors when attempting to update the application. Based on widespread user reports, the update problems plague Microsoft 365 users and those who use Click-To-Run versions of Office 2016, 2019, and 2021.

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity.

Microsoft has released the KB5040427 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 13 changes, including Microsoft Copilot now behaving like an app, providing more flexibility on...