Security News

Microsoft is alerting customers that its May Patch Tuesday update is causing authentications errors and failures tied to Windows Active Directory Domain Services. "After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server, Routing and Remote access Service, Radius, Extensible Authentication Protocol, and Protected Extensible Authentication Protocol," Microsoft reported.

Unlike the original Windows 11 release, it won't be a massive update with radical design changes. There's a possibility that Start Menu features will be released using 'Windows Feature Experience Packs,' which is a new way to update and improve the OS without major feature updates.

Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store. Quick Assist allows Windows 10 and Windows 11 users to receive or give assistance to other Windows users by taking control of their computer remotely, as we reported four years ago.

A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. While Microsoft did not share too many details about the bug, they stated that the fix affected the EFS API OpenEncryptedFileRaw(A/W) function, which indicated that this might be another unpatched vector for the PetitPotam attack.

A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. PetitPotam is an NTLM Relay Attack tracked as CVE-2021-36942 that French security researcher GILLES Lionel discovered, aka Topotam, in July.

Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. "The new variant, which we call Sysrv-K, sports additional exploits and can gain control of web servers" by exploiting various vulnerabilities, the Microsoft Security Intelligence team said in a Twitter thread. "These vulnerabilities, which have all been addressed by security updates, include old vulnerabilities in WordPress plugins, as well as newer vulnerabilities like CVE-2022-22947."

Microsoft is investigating a known issue causing authentication failures for some Windows services after installing updates released during the May 2022 Patch Tuesday. Microsoft says the known issue is only triggered after installing the updates on servers used as domain controllers.

Microsoft is testing a new 'Suggested Actions' feature in Windows 11 Dev builds where the operating system suggests actions you can take with data you copy into the clipboard. Today, Microsoft again began offering different builds in the 'Dev' and 'Beta' channels, with the beta channel receiving Windows 11 build 22621 and the Dev channel receiving Windows 11 build 25115.

Windows 11 users are receiving 0xc0000135 errors when attempting to launch applications after installing the recent Windows 11 KB5013943 cumulative update. These updates include the Windows 11 KB5013943 update, which included a fix for a bug causing.

Microsoft says multiple editions of Windows 10 20H2 and Windows 10 1909 have reached their end of service on this month's Patch Tuesday, on May 10, 2022. This announcement comes after multiple reminders, including those issued this year in February and April, prompting customers to upgrade since Windows 10 20H2 will reach EOS for Windows 10 Home, Pro, Pro Education, and Pro for Workstations users.