Security News

Microsoft shared info on a now-fixed known issue leading to Local Security Authority Subsystem Service crashes and Windows Server domain controller. As Microsoft explains in a new entry added to the Window Health dashboard, unexpected restarts are triggered on Windows Servers domain controllers after installing updates released during the January 2021 Patch Tuesday.

Microsoft says Windows Server security updates released on and since the January 2022 Patch Tuesday might prevent applications and network appliances from creating Netlogon secure channels if installed on domain controllers. Netlogon is a remote procedure call interface and Windows Server process that authenticates services and users on Windows domain-based networks.

Microsoft says Windows customers might find that some of their files are not deleted after resetting their Windows devices with the "Remove everything" option. "When attempting to reset a Windows device with apps which have folders with reparse data, such as OneDrive or OneDrive for Business, files which have been downloaded or synced locally from OneDrive might not be deleted when selecting the 'Remove everything' option," Microsoft explains on the Windows health dashboard.

A new custom malware dubbed SockDetour found on systems belonging to US defense contractors has been used as a backup backdoor to maintain access to compromised networks. SockDetour [.] serves as a backup backdoor in case the primary backdoor is detected and removed by defenders," Unit 42 explained.

A newly discovered custom malware dubbed SockDetour has been found on systems belonging to US defense contractors and used as a backup backdoor to maintain access to compromised networks. SockDetour [.] serves as a backup backdoor in case the primary backdoor is detected and removed by defenders," Unit 42 explained.

Microsoft has finally started testing a new version of Task Manager with users in the Windows Insider Program. Task Manager continues to be one of the most popular tools for Windows and it is the easiest way to identify troublesome apps and end their process.

A new Golang-based botnet under active development has been ensnaring hundreds of Windows devices each time its operators deploy a new command and control server. First spotted in October 2021 by ZeroFox researchers who dubbed it Kraken, this previously unknown botnet uses the SmokeLoader backdoor and malware downloader to spread to new Windows systems.

Microsoft announced the general availability of hotpatching for Windows Server Azure Edition core virtual machines allowing admins to install Windows security updates on supported VMs without requiring server restarts. The feature works with newly deployed Azure virtual machines running Windows Server 2022 Datacenter: Azure Edition Core Gen2 images and is available in all global Azure regions.

Microsoft says the latest released Windows 11 developer build also comes with a series of optimizations for windowed and borderless modes that will "Significantly improve latency," which can drastically reduce input lag and provide a better experience in DX10/DX11 games. Other Windows 11 gaming improvements introduced on Wednesday include Auto HDR and Variable Refresh Rate for a better HDR gaming experience.

Microsoft has released a new Windows 11 build with a long list of improvements and fixes for known issues for all Windows Insiders that will install the Windows 11 Insider Preview Build 22557, now available in the Dev Channel. Probably the most awaited change is the revival of drag and drop support to the taskbar that allows Windows 11 users to drag and drop files between apps by hovering the mouse over their taskbar icons.