Security News

Microsoft has released the optional KB5010414 cumulative update preview for Windows 11, with highly anticipated taskbar enhancements and fixes for 19 issues, including printing and driver problems. The cumulative update preview is part of Microsoft's scheduled February 2022 monthly "C" updates, making it possible for Windows 11 users to test the upcoming fixes released on March 8th as part of next month's Patch Tuesday.

Microsoft has released the optional KB5010415 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes a wide variety of bug fixes, including those for Microsoft Edge's Internet Explorer mode, printing, memory leaks, and more. The KB5010415 cumulative update preview is part of Microsoft's January 2022 monthly "C" update, allowing admins to test upcoming fixes to be released in the March 2022 Patch Tuesday.

The public preview for the Android apps for Windows 11 is now live in the US, allowing users to run Android apps natively on the Windows desktop. The feature relies on a new platform called Windows Subsystem for Android that runs Android apps in a virtual machine to provide compatibility with the Android Open Source Project and hardware input devices.

Microsoft is enabling a Microsoft Defender 'Attack Surface Reduction' security rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. While Microsoft Defender block programs like Mimikatz, a LSASS memory dump can still be transferred to a remote computer to dump credentials without fear of being blocked.

Microsoft is enabling a Microsoft Defender 'Attack Surface Reduction' security rule by default to block hackers' attempts to steal Windows credentials from the LSASS process. One of the most common methods to steal Windows credentials is to gain admin privileges on a compromised device and then dump the memory of the Local Security Authority Server Service process running in Windows.

The U.S. Cybersecurity & Infrastructure Security Agency has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.CISA's warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect the organization's network.

In a support document updated today, Microsoft stated that Windows 10 20H2 will reach EOS on May 10, 2022. "These editions will no longer receive security updates after May 10, 2022. Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 to remain supported," Microsoft explained.

Exe in Windows Server in favor of Windows PowerShell, which also includes the ability to query Windows Management Instrumentation. "The WMIC tool is deprecated in Windows 10, version 21H1 and the 21H1 General Availability Channel release of Windows Server. This tool is superseded by Windows PowerShell for WMI," explains the list of deprecated Window features.

Malware distributors have turned to an older trick known as Squiblydoo to spread Qbot and Lokibot via Microsoft Office document using regsvr32. A report from the threat research team at security analytics platform Uptycs shows that the use of regsvr32.

A Windows living-off-the-land binary known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. In this case, Regsvr32 is aMicrosoft-signed command line utility in Windows that allows users to register and unregister libraries.