Security News

Microsoft has announced a new feature for Microsoft Defender for Endpoint to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network.There's a catch: the new MDE capability works only with onboarded devices running Windows 10 and later or Windows Server 2019 and later.

Miscreants are reportedly exploiting the recently disclosed critical Windows Follina zero-day flaw to infect PCs with Qbot, thus aggressively expanding their reach. Threat Insight, part of cybersecurity vendor Proofpoint, noted on Twitter this week that miscreants have been seen exploiting the Follina flaw, tracked as CVE-2022-30190, in the Windows Support Diagnostic Tool to deliver Qbot, also known as QakBot, QuakBot and Pinkslipbot, onto victims' computers.

An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool, even as the Follina flaw continues to be exploited in the wild. The issue - referenced as DogWalk - relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a specially crafted ".

A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. As Proofpoint security researchers shared today, the TA570 Qbot affiliate has now begun using malicious Microsoft Office.

Microsoft has moved Windows 11, version 22H2, to the Windows Insider Release channel, indicating that it is in its final round of testing before it's likely released this fall. Last month, we reported that Windows 11 22H2 build 22621 was the Released to Manufacturing build, which is the product's final build before its release to OEMs and other partners for installation in new devices.

Free unofficial patches for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool have been released today through the 0patch platform. Diagcab files are downloaded from the Internet and include a Mark-of-the-Web, Windows ignores it for this file type and allows the file to be opened without a warning.

Free unofficial patches for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool have been released today through the 0patch platform. Diagcab files are downloaded from the Internet and include a Mark-of-the-Web, Windows ignores it for this file type and allows the file to be opened without a warning.

European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format documents designed to exploit a critical Windows zero-day vulnerability known as Follina. BleepingComputer is aware of local governments in at least two US states that were targeted by this phishing campaign.

Microsoft said this week that Windows Autopatch, a service to automatically keep Windows and Microsoft 365 software up to date in enterprise environments, has now reached public preview.Windows Autopatch automatically manages the deployment of Windows 10 and Windows 11 quality and feature updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates.

Microsoft is working on a new 'Restore Apps' feature for Windows 11 that will allow users to quickly reinstall all of their previously installed apps from the Microsoft Store on a new or freshly installed PC. One of the most time-consuming tasks for setting up a new Windows installation is restoring all your previously installed applications. While desktop applications will still need to be installed manually, the new Windows 11 feature will allow you to install all the Microsoft Store apps tied to your account by clicking a single button.