Security News

A Windows living-off-the-land binary known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. In this case, Regsvr32 is a Microsoft-signed command line utility in Windows that allows users to register and unregister libraries.

Threat actors have started distributing fake Windows 11 upgrade installers to users of Windows 10, tricking them into downloading and executing RedLine stealer malware. The timing of the attacks coincides with the moment that Microsoft announced Windows 11's broad deployment phase, so the attackers were well-prepared for this move and waited for the right moment to maximize their operation's success.

The new update is now available for Windows 10 21H2, version 21H1, and version 20H2. As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5010342 and KB5010345. Like every Patch Tuesday, you can check for and install new updates by going to Settings, clicking on Windows Update, and selecting 'Check for Updates' to install the updates.

Microsoft has released the Windows 11 KB5010386 cumulative update with security updates, performance improvements, and fixes for an LDAP bug. Windows 11 users can install today's update by going to Start > Settings > Windows Update and clicking on 'Check for Updates.'

Mozilla released a security update to address a high severity privilege escalation vulnerability found in the Mozilla Maintenance Service. The Mozilla Maintenance Service is an optional Firefox and Thunderbird service that makes application updates possible in the background.

Case in point: One of the most stressful remote work experiences involves mandated Windows password changes on a company-issued laptop. You can't get into your workstation to launch the VPN to try to correct the problem with another password reset on your own.

CISA is putting the thumbscrews on federal agencies to get them to patch an actively exploited Windows vulnerability. The move means that Federal Civilian Executive Branch agencies have until Feb. 18, 2022 to remediate the vulnerability, which affects all unpatched versions of Windows 10.

Microsoft says it has fixed a known issue triggered by last month's Windows updates that would cause apps using Microsoft. "After installing updates released January 11, 2022 or later, apps using Microsoft.NET Framework to acquire or set Active Directory Forest Trust Information might fail, close, or you might receive an error from the app or Windows," Microsoft explained in an update to the Windows health dashboard.

The U.S. Cybersecurity and Infrastructure Security Agency is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 to the Known Exploited Vulnerabilities Catalog, necessitating that Federal Civilian Executive Branch agencies patch all systems against this vulnerability by February 18, 2022.

Later this year, Microsoft is planning to launch the first big update for Windows 11. The update is reportedly codenamed "Sun Valley 2," and it is expected to ship with a new Task Manager, improvements to Start Menu and Taskbar, and more.