Security News

Microsoft has resolved a known issue that was blocking customers from upgrading some devices running Windows 10 1903 and 1909 to newer OS versions. The issue was first acknowledged one month after the release of the KB4577062 Windows 10 optional update for versions 1903 and 1909 on September 16.

To install new cumulative updates, Windows 10 feature updates, or out-of-band updates, Windows users rely on the Windows Update feature to properly update their computer. The resolve these issues, the first thing you should do if the Windows 10 updates install fails is to try downloading the update manually from Microsoft Update Catalog.

Microsoft says that customers who install the optional KB4577062 update for Windows 10 versions 1903 and 1909 will encounter issues upgrading to newer Windows 10 versions on some devices. "When updating to Windows 10, version 1903 or Windows 10, version 1909 from any previous version of Windows 10, you might receive a compatibility report dialog with 'What needs your attention' at the top and the error, 'Continuing with the installation of Windows will remove some optional features. You may need to add them back in Settings after the installation completes'," Microsoft explains.

An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems - but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.

IDmission announced its Identity Management System to reduce unauthorized access to large multi-tenant facility access points. With IDMS, large organizations can significantly control physical and logical access points throughout the enterprise.

When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1. "If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.

Among the vulnerabilities patched by Microsoft on May 2020 Patch Tuesday is CVE-2020-1048, a "Lowly" privilege escalation vulnerability in the Windows Print Spooler service. CVE-2020-1048, which affects Windows 7, 8.1, and 10 and Windows Server 2008, 2012, 2016, and 2019, arises from the Windows Print Spooler service improperly allowing arbitrary writing to the file system.

One key addition to the malware is a small eyeball icon included in the control panel that can be used to recognize whether a user of a device with Anubis installed is looking at the device or not. The threat actors behind Anubis also are developing a way to integrate Yandex maps into the malware to show the location of infected devices, according to the report.

The ai Corporation, an FCA approved expert in payments, fraud and risk management, announced that it has upgraded EazyFuel, its closed loop fuel card platform, to be fully PCI compliant, in anticipation of the expansion of PCI Data Security Standard to cover fuel cards. Ai, whose aiGateway - omni-channel payment gateway - was granted Level 1 Service Provider accreditation recently, has rolled out PCI compliance across its suite of payments, fraud and risk management solutions for the fuel industry, in advance of any change to PCI DSS compliance or regulation.

RepRisk, a pioneer and leader in ESG data science announces the launch of its upgraded ESG Risk Platform - the world's largest and most comprehensive due diligence database on ESG and business conduct risks. "RepRisk has been on the cutting edge of ESG data science for over a decade, becoming the first firm to leverage big data techniques to better understand ESG risks in 2006" said Philipp Aeby, CEO of RepRisk.