Security News

Fake Windows 10 updates are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. While researching the campaign, we discovered a topic in our forums where readers report becoming infected by the Magniber ransomware after installing what is believed to be Windows 10 cumulative or security update.

That's where secured-core server comes in, using hardware-based security tools to protect your servers right from the moment they start to boot. Secured-core systems need a second generation TPM. The first and most obvious task is using the TPM to ensure the integrity of a server's BIOS and firmware, using pro-loaded signatures.

Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. "We are introducing new policies so that IT administrators can simplify their Windows 11 experience across Start, taskbar, and the system tray," the Windows Insider team said.

The Emotet botnet is now using Windows shortcut files containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. LNK files is not new, as the Emotet gang previously used them in a combination with Visual Basic Script code to build a command that downloads the payload. However, this is the first time that they utilized Windows shortcuts to directly execute PowerShell commands.

The San Diego Supercomputer Center in the US is ditching its lead-acid uninterruptible power supply batteries for more environmentally friendly rechargeables - though it's avoiding lithium-ion, and going with a new form of rechargeable alkaline. Currently, the SDSC relies on a generator and UPS to provide emergency power.

Microsoft has released the optional KB5011831 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 that fixes 26 bugs. This update includes many bug fixes, including those for Microsoft OneDrive, Remote Desktop, News and Interest, Azure Active Directory, and delays in booting Windows 10.

Unlike Windows 10, Windows 11 comes with a new Settings app. Thankfully, Windows 11 still comes with the Control Panel and File Explorer-based advanced configuration page called "God Mode" that allows you to easily access all advanced tools, features, and tasks.

Microsoft has released the optional KB5012636 cumulative update preview for Windows 10 1809 and Windows Server 2019, with fixes for system freezing issues affecting client and server systems. This update is part of Microsoft's scheduled April 2022 monthly "C" updates, and it allows Windows 10 users to test the fixes released on May 10th as part of next month's Patch Tuesday.

A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency has warned. To that end, the agency has added the shortcoming to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch agencies to address the issues by May 10, 2022.

The Cybersecurity and Infrastructure Security Agency has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. Redmond patched several other Windows Print Spooler bugs in the last 12 months, including the critical PrintNightmare remote code execution vulnerability.