Security News

Trend Micro antivirus has fixed a false positive affecting its Apex One endpoint security solution that caused Microsoft Edge updates to be tagged as malware and the Windows registry to be incorrectly modified. As users further revealed, the Trend Micro Apex One flagged the browser updates as Virus/Malware: TROJ FRS.VSNTE222 and Virus/Malware: TSC GENCLEAN. Fix and workaround available.

Trend Micro has fixed a false positive issue affecting its Apex One endpoint security solution leading to Microsoft Edge updates being tagged as malware and Windows registry changes. As users further revealed, the Trend Micro Apex One flagged the browser updates as Virus/Malware: TROJ FRS.VSNTE222 and Virus/Malware: TSC GENCLEAN. Fix and workaround available.

Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Eventually the worm installs malicious dynamic link library files found on the infected USB. While researchers first noticed Raspberry Robin as early as September 2021, most of the activity observed by Red Canary occurred during January of this year, researchers said.

Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. This malware is linked to a cluster of malicious activity dubbed Raspberry Robin and was first observed in September 2021.

Microsoft has warned Windows 11 users that they might experience issues launching and using some. Affected apps use optional components such as Windows Workflow and Windows Communication Foundation.

You can find the date of the user's most recent password change by examining the PwdLastSet attribute, shown in Figure 1. Only one user's password change date is being shown, but there are any number of ways to tell the Get-ADUser cmdlet to display data for multiple user accounts.

Microsoft has addressed a newly acknowledged known issue that caused flickering screen problems and made some Windows apps seem unstable in Safe Mode without Networking. "Devices experiencing this issue can log a System error on the Windows Event Log, with Source 'Winlogon' and the following description: 'The shell stopped unexpectedly and explorer.exe was restarted'," Microsoft explained.

Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. While researching the campaign, we discovered a topic in our forums where readers report becoming infected by the Magniber ransomware after installing what is believed to be Windows 10 cumulative or security update.

That's where secured-core server comes in, using hardware-based security tools to protect your servers right from the moment they start to boot. Secured-core systems need a second generation TPM. The first and most obvious task is using the TPM to ensure the integrity of a server's BIOS and firmware, using pro-loaded signatures.

Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. "We are introducing new policies so that IT administrators can simplify their Windows 11 experience across Start, taskbar, and the system tray," the Windows Insider team said.