Security News

Microsoft has rolled out Patch Tuesday updates to address multiple security vulnerabilities in Windows and other software, including one actively exploited flaw that's being abused to deliver Emotet, TrickBot, or Bazaloader malware payloads. It's worth noting that this is in addition to the 21 flaws resolved in the Chromium-based Microsoft Edge browser.

Microsoft is working on making Windows Terminal the default terminal emulator program in Windows 11 instead of the Windows Console Host, starting next year. Unlike the current default app, the Windows Terminal app comes with support for multiple console tabs in a single window and choosing between the cmd shell, PowerShell, and Linux distro shells installed via the Windows Subsystem for Linux.

Microsoft has addressed a known issue that plagued Windows Server customers for weeks, preventing the Defender for Endpoint enterprise security platform from launching on some systems. The issue only impacts devices where customers installed Windows Server 2019 and Windows Server 2022 security updates issued during last month's Patch Tuesday.

Microsoft has released the Windows 11 KB5008215 cumulative update to fix security vulnerabilities and bugs introduced in previous versions. KB5008215 is a mandatory cumulative update containing security updates, performance improvements, and bug fixes for Windows 11 21H2. You can install this update by going to Start > Settings > Windows Update and clicking on 'Check for Updates.

The bug, a Windows AppX Installer spoofing security flaw tracked as CVE-2021-43890, can be exploited remotely by threat actors with low user privileges in high complexity attacks requiring user interaction. "We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader," Microsoft explains.

December 2021 Patch Tuesday is rolling out to devices on Windows 10 version 2004, version 20H2, version 21H1 and version 21H2. As per the official release notes, Microsoft has published two cumulative updates - KB5008212 and KB5008206. Like the November release, this month's security updates include security fixes for November 2021 Update, May 2021 Update, October 2020 Update, and May 2020 Update.

Dell's fix wasn't comprehensive enough to prevent additional exploitation, and as security researchers warn now, it is an excellent candidate for future Bring Your Own Vulnerable Driver attacks. "However, the partially fixed driver can still help attackers."

The vulnerability affects all Windows versions, including Windows 11 and Windows Server 2022, and it can be exploited by attackers with limited local accounts to escalate privileges and run code with admin rights. Mitja Kolsek, the co-founder of the 0patch service that delivers hotfixes that don't require system reboots, explains that the issue stems from the way Windows installer creates a Rollback File that allows restoring the data deleted or modified during the installation process.

Windows 11 is getting a new "Voice Access" feature to control the operating system using your voice and a microphone. While Microsoft has already supported dictation via a microphone, the ability to use your voice to execute commands in Windows has been limited to specific applications.

Microsoft has added the Windows Subsystem for Linux as a separate app to the Microsoft Store with the release of Windows 11 Insider Preview Build 22518 to the Dev Channel. The WSL store app for Windows 11 machines was announced in October when it was also first added as a preview.