Security News
Microsoft has fixed a known Bluetooth issue causing some Windows 10 systems to crash with a blue screen of death after installing the January KB5009596 cumulative update. The list of affected Windows versions includes only client platforms: Windows 10 21H2, Windows 10 21H1, and Windows 10 20H2. "After installing KB5009596 or later updates, some organizations which have Windows devices paired to Bluetooth devices might receive an error message 'Your device ran into a problem and needs to restart.' with a blue screen and 'Stop code: IRQ NOT LESS OR EQUAL'," Microsoft explains.
Microsoft has released the optional KB5011543 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and a new "Search highlights" feature for the Windows 10 Start Menu. The KB5011543 cumulative update preview is part of Microsoft's March 2022 monthly "C" update, allowing admins to test upcoming fixes to be released in the April 2022 Patch Tuesday.
Moscow-based meat producer and distributor Miratorg Agribusiness Holding has suffered a major cyberattack that encrypted its IT systems, according to a report from Rosselkhoznadzor - the Russian federal veterinary and phytosanitary supervision service. The announcement notes that the attackers leveraged the Windows BitLocker feature to encrypt files, essentially performing a ransomware attack.
A new BitRAT malware distribution campaign is underway, exploiting users looking to activate pirated Windows OS versions for free using unofficial Microsoft license activators. In the campaign, discovered by researchers at AhnLab, threat actors are distributing the malware as a Windows 10 Pro license activator on webhards.
A Windows local privilege escalation zero-day vulnerability that Microsoft has failed to fully address for several months now allows users to gain administrative privileges in Windows 10, Windows 11, and Windows Server. According to the 0patch team, which has been unofficially providing fixes for discontinued Windows versions and some vulnerabilities that Microsoft won't address, the flaw is still a zero-day.
Threat actors are abusing the popular Chocolatey Windows package manager in a new phishing campaign to install new 'Serpent' backdoor malware on systems of French government agencies and large construction firms. Chocolatey is an open-source package manager for Windows that allows users to install and manage over 9,000 applications and any dependencies through the command line.
Western Digital's EdgeRover desktop app for both Windows and Mac is vulnerable to local privilege escalation and sandboxing escape bugs that could allow the disclosure of sensitive information or denial of service attacks. EdgeRover is a centralized content management solution for Western Digital and SanDisk products, unifying multiple digital storage devices under a single management interface.
A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. Threat actors have attempted to create these fake SSO windows using HTML, CSS, and JavaScript in the past, but there is usually something a little off about the windows, making them look suspicious.
Microsoft has released a new Windows 11 build with a long list of changes, improvements, and fixes for known issues, available to all Windows Insiders who install Windows 11 Insider Preview Build 22579, pushed to the Dev Channel. The build's highlight is a new policy for Windows admins who want to exclude USB removable drives from BitLocker encryption.
As Ukraine fights for survival against invading Russian forces, here's a taste of some of the malware the nation's Computer Emergency Response Team is battling. To start, the team earlier this month said miscreants had spammed out emails impersonating government agencies containing links to fake Windows antivirus updates.