Security News
Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. At the top of the list is CVE-2021-40449, a use-after-free vulnerability in the Win32k kernel driver discovered by Kaspersky as being exploited in the wild in late August and early September 2021 as part of a widespread espionage campaign targeting IT companies, defense contractors, and diplomatic entities.
Google's VirusTotal service shows that 95 per cent of ransomware malware identified by its systems targets Windows. What systems are most attacked? 93.28 per cent of ransomware detected were Windows executables, and 2 per cent Windows DLLs, the report said.
Microsoft has released a Linux version of the very popular Sysmon system monitoring utility for Windows, allowing Linux administrators to monitor devices for malicious activity. Today, Microsoft's Mark Russinovich, a cofounder of the Sysinternals utility suite, announced that Microsoft had released Sysmon for Linux as an open-source project on GitHub.
Microsoft has confirmed new Windows 11 known issues that cause printer installation to fail on systems commonly found in enterprise environments. As Redmond explains, printer installation might fail when attempted over the network on devices that access printers via a print server using HTTP connections.
"Although Microsoft lists user interaction required, the Preview Pane is also listed as an attack vector. This creates a much larger attack surface. When combined with a privilege escalation - like the one currently under active attack - this could be used to take over a target system," noted Dustin Childs, with Trend Micro's Zero Day Initiative. CVE-2021-26427 is a Microsoft Exchange Server RCE vulnerability that has the highest CVSS score this month.
Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat espionage campaign this summer. As mentioned, the cybercriminals were using the exploit as part of a wider effort to install a remote shell on target servers, i.e., the MysterySnail malware, which was unknown prior to this campaign.
Microsoft has released the Windows 11 KB5006674 cumulative update, marking it as the first update for the new operating system since it was released to the public channel. The KB5006674 cumulative update contains security updates, performance improvements, and bug fixes for Windows 11 21H2 since it was first released on October 5th. You can install this update by going to Start > Settings > Windows Update and clicking on 'Check for Updates'.
A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan. The malware, known as MysterySnail, was found by Kaspersky security researchers on multiple Microsoft Servers between late August and early September 2021.
The October 2021 Patch Update is now rolling out and Microsoft has published cumulative updates KB5006670 for recent versions of Windows 10. The update is now rolling out via Windows Update, WSUS, and the Microsoft Update Catalog with numerous bug fixes and performance enhancements.
Brother is warning that many of their printers may no longer work or display errors when using a USB connection in Windows 11. Brother states that you can ignore the error, and the document should print successfully.