Security News

Clever — and Exploitable — Windows Zero-Day
2022-06-01 18:25

Researchers have reported a still-unpatched Windows zero-day that is currently being exploited in the wild. Here’s the advisory, which includes a work-around until a patch is available.

Windows MSDT zero-day vulnerability gets free unofficial patch
2022-06-01 15:31

A free unofficial patch is now available to block ongoing attacks against Windows systems that target a critical zero-day vulnerability known as 'Follina'. The bug, now tracked as CVE-2022-30190 and described by Redmond as a Microsoft Windows Support Diagnostic Tool remote code execution flaw, impacts all Windows versions still receiving security updates.

Windows MSDT zero-day now exploited by Chinese APT hackers
2022-05-31 22:00

Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability to execute malicious code remotely on Windows systems. This Microsoft Windows Support Diagnostic Tool remote code execution flaw impacts all Windows client and server platforms still receiving security updates.

Microsoft: The new Windows 11 features from Build 2022
2022-05-28 19:53

During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android and more. Microsoft is upgrading the Android OS within the subsystem to Android 12L and adding support for advanced networking, so your mobile apps can easily communicate with devices outside the virtualization environment.

New Windows Subsystem for Linux malware steals browser auth cookies
2022-05-28 14:01

Hackers are showing an increased interest in the Windows Subsystem for Linux as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. WSL-based malware samples discovered recently rely on open-source code that routes communication through the Telegram messaging service and gives the threat actor remote access to the compromised system.

This Windows malware uses PowerShell to inject malicious extension into Chrome
2022-05-27 11:26

A strain of Windows malware uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. The makers of the ChromeLoader software nasty ensure their malware is persistent once on a system and is difficult to find and remove, according to threat hunters at cybersecurity shop Red Canary, who have been tracking the strain since early February and have seen a flurry of recent activity.

Microsoft: Windows 11 22H2 has reached RTM with build 22621
2022-05-26 20:14

Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing build, meaning that the development of Windows 11's next feature update is ready for release. Microsoft confirmed the build in a new post by the Windows Hardware Compatibility Program, listing new policies and development kits for hardware developers creating drivers for Windows 11 22H2. This blog post lists the requirements and timeline for when developers can start submitting new drivers for Windows 11 22H2. As part of this information, Microsoft states that the minimum acceptable build for Windows 11 22H2 is the RTM build, 22621.

Windows 11 KB5014019 breaks Trend Micro ransomware protection
2022-05-26 19:44

This week's Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including the ransomware protection feature. "The UMH component used by several Trend Micro endpoint and server protection products is responsible for some advanced features such as ransomware protection," the antivirus vendor revealed.

Microsoft shares mitigation for Windows KrbRelayUp LPE attacks
2022-05-26 15:46

Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. Attackers can launch this attack using the KrbRelayUp tool developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn privilege escalation tools.

Microsoft adds support for WSL2 distros on Windows Server 2022
2022-05-25 20:54

Microsoft has announced that Windows Subsystem for Linux distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. To install the Windows Server 2022 KB5014021 update, you must go to Settings > Windows Update and manually 'Check for updates'.