Security News

Microsoft has released emergency out-of-band updates to address multiple issues caused by Windows Updates issued during the January 2021 Patch Tuesday. All OOB updates released today are available for download on the Microsoft Update Catalog, and some of them can also be installed directly through Windows Update as optional updates.

Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "Wormable" vulnerability. The patches cover a swath of the computing giant's portfolio, including Microsoft Windows and Windows Components, Exchange Server, Microsoft Office and Office Components, SharePoint Server,.

The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. After Windows admins installed the updates, some found that it caused their Windows Servers to go into boot loops, ReFS volumes to become inaccessible, and Hyper-V not to start.

The January 2022 Windows Server cumulative updates are once again available via Windows Update after being pulled yesterday without an official reason from Microsoft. After Windows admins installed the updates, some found that it caused their Windows Servers to go into boot loops, ReFS volumes to become inaccessible, and Hyper-V not to start.

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable. The shattering of Windows was first reported by BornCity on Tuesday, as in, on the same day that Microsoft released a mega-dump of 97 security updates in its January 2022 Patch Tuesday update.

Microsoft has pulled the January Windows Server cumulative updates after critical bugs caused domain controllers to reboot, Hyper-V to not work, and ReFS volume systems to become unavailable. Tuesday, Microsoft released the January 2022 Patch Tuesday updates for Windows Server that includes numerous security updates and bug fixes.

A privilege escalation vulnerability impacting all Windows versions that can let threat actors gain domain admin privileges through an NTLM relay attack has received unofficial patches after Microsoft tagged it as "Won't fix." Kerberos has superseded NTLM, the current default auth protocol for domain-connected devices for all Windows 2000 and later.

The bug dates back at least to Windows Server 2012 R2, CyberArk software architect and security champion Gabriel Sztejnworcel wrote, leading the firm to conclude that the latest versions of Windows - including client and server editions - are affected. Sztejnworcel's writeup goes into great detail about how the attack works, but some basics on RDP plumbing include the fact that RDP splits a single connection into multiple logical connections called virtual channels for handling different types of data.

A new cross-platform backdoor called "SysJoker" has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that's believed to have been initiated during the second half of 2021. "SysJoker masquerades as a system update and generates its by decoding a string retrieved from a text file hosted on Google Drive," Intezer researchers Avigayil Mechtinger, Ryan Robinson, and Nicole Fishbein noted in a technical write-up publicizing their findings.

The latest Windows Server updates are causing severe issues for administrators, with domain controllers having spontaneous reboots, Hyper-V not starting, and inaccessible ReFS volumes until the updates are rolled back. The most serious issue introduced by these updates is that Windows domain controllers enter a boot loop, with servers getting into an endless cycle of Windows starting and then rebooting after a few minutes.