Security News

Microsoft has discovered a new malware used by the Chinese-backed Hafnium hacking group to maintain persistence on compromised Windows systems by creating and hiding scheduled tasks. "Further investigation reveals forensic artifacts of the usage of Impacket tooling for lateral movement and execution and the discovery of a defense evasion malware called Tarrask that creates 'hidden' scheduled tasks, and subsequent actions to remove the task attributes, to conceal the scheduled tasks from traditional means of identification."

The Qbot botnet is now pushing malware payloads via phishing emails with password-protected ZIP archive attachments containing malicious MSI Windows Installer packages. This is the first time the Qbot operators are using this tactic, switching from their standard way of delivering the malware via phishing emails dropping Microsoft Office documents with malicious macros on targets' devices.

If you are waiting for Windows 11 side-taskbar support before upgrading to the latest operating system, you may be waiting for a long time, according to a recent Microsoft Ask Me Anything session. When Windows was first released, the most controversial changes were the new centered Start Menu and the reduced functionality of the Windows taskbar.

Windows Autopatch is an automated, managed service by Microsoft to keep Windows and Office always up-to-date. "Windows Autopatch manages all aspects of deployment groups for Windows 10 and Windows 11 quality and feature updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates. Drivers and firmware that are published to Windows Update as Automatic will be delivered as part of Windows Autopatch," Lior Bela, a Senior Product Marketing Manager on the Microsoft 365 team, explained.

During the Hybrid work event, Microsoft officially teased new features coming to the operating system this year. This new feature uses Microsoft Defender SmartScreen to alert users when they try to store passwords in plain texts in apps like Notepad. The feature will also warn users if they accidentally enter the Microsoft account passwords on phishing sites.

Microsoft announced that Windows Autopatch, a service designed to automatically keep Windows and Office software up to date, will be released in July 2022. Windows Autopatch is a new managed service offered for free to all Microsoft customers who already have a Windows 10/11 Enterprise E3 or above license.

Microsoft has reminded customers today that multiple editions of Windows 10 20H2 and Windows 10 1909 are reaching the end of service on May 10, 2022. In a support document, Microsoft says that Windows 10 20H2 will reach EOS for Windows 10 Home, Pro, Pro Education, and Pro for Workstations users.

While there are some malicious drivers that are deliberately crafted to compromise PCs, the most problems come from a small number of legitimate drivers with accidental flaws in, said David Weston, VP of Enterprise and OS Security at Microsoft. "Think about some of the driver cases recently where a certificate leaked from a giant vendor. If we revoke that, everyone's devices may stop working. We need more of a precision mechanism to do blocking while we work towards the longer approach of revocation. The Vulnerable Driver Block List allows the user to do that with a very precise list that Microsoft has validated. We look at things like how many devices would stop working? Have we worked with a vendor to have a fix? We think the list is a good balance for folks who want security, but also want the confidence that Microsoft has done the telemetry and analysis."

"In a future release of Windows 11 you're going to see significant security updates that add even more protection from the chip to the cloud by combining modern hardware and software," said David Weston, VP for Enterprise & OS Security. One of the new security features Microsoft is adding in Windows 11 is enhanced phishing protection against targeted phishing attacks with the help of Microsoft Defender SmartScreen, a cloud-based anti-phishing and anti-malware service.

Microsoft has unveiled new Windows 11 features at today's 'Windows Powers the Future of Hybrid Work' event, including a redesigned File Explorer, new accessibility features, Focus for Windows 11, and more. To help Windows users increase productivity, Microsoft has revealed new features and enhancements to Windows 11, including a revamped File Explorer, App Folder in the Start Menu, new Focus features, and the new Live Captions accessibility features.