Security News

Microsoft has warned users clinging to Windows 7 and Windows 8.1 that the end really is nigh. Windows 7 went out of support in 2020, but Microsoft recognized that many enterprises were quite happy where they were.

Microsoft's promised service to enable automatic patching of Windows has gone live. The software giant on Monday announced Windows Autopatch is up and running.

Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. The launch, which comes a day before Microsoft is expected to release its monthly round of security patches, is available for customers with Windows Enterprise E3 and E5 licenses.

Microsoft says that Windows Autopatch, an enterprise service that automatically keeps Windows and Microsoft 365 software up to date, is generally available starting today.Windows Autopatch was first announced in April when Microsoft said it would be available for free to Microsoft customers with a Windows 10/11 Enterprise E3 license or greater starting July 2022.

Microsoft is investigating an issue causing Outlook search not to display recent emails in desktop apps running on Windows 11 systems. "When searching in Outlook Desktop on Windows 11 you might not see the most recent emails in the search results," Microsoft explains.

Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that's behind a Windows malware with worm-like capabilities. The infections involve a worm that propagates over removable USB devices containing malicious a.LNK file and leverages compromised QNAP network-attached storage devices for command-and-control.

Microsoft has released an update for the Windows Subsystem for Android, allowing all Windows 11 Insiders to use their VPN's IP address with Android apps. In May, Microsoft introduced a new 'Advanced Networking' feature to Windows 11 builds on the Dev channel, which made the Windows Subsystem for Android virtual machine and host share the same IP address.

A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. The Linux encryptor is created to target VMware ESXi servers, with command-line options that allow the threat actors to shut down any running virtual machines before encrypting files.

Microsoft has confirmed it fixed a previously disclosed 'ShadowCoerce' vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks. This NTLM relay attack method can be used by threat actors to force unpatched servers to authenticate against servers under the attacker's control, leading to a takeover of the Windows domain.

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors. Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command and control servers servers in early November [PDF], while Microsoft said it found malicious artifacts linked to this worm created in 2019.