Security News

Cybersecurity researchers have disclosed a novel technique adopted by threat actors to deliberately evade detection with the help of malformed digital signatures of its malware payloads. "Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code - which is used in a number of security scanning products," Google Threat Analysis Group's Neel Mehta said in a write-up published on Thursday.

Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices. "These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables," researchers from Eclypsium said in a report published on Monday.

An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in plain text that are being transferred over the wire," Guardicore's Amit Serper said in a technical report.

Microsoft has moved Windows 11 to the Windows Insider 'Release' channel in anticipation of its upcoming launch on October 5th. Until today, the Windows Insider Release channel has been offering users Windows 10 21H2, which is expected to be released next month. Starting today, Microsoft is now offering Windows 11 as an optional download within Windows Update for users with compatible hardware, as shown below.

Microsoft has moved Windows 11 to the Windows Insider 'Release' channel in anticipation of its upcoming launch on October 5th. Until today, the Windows Insider Release channel has been offering users Windows 10 21H2, which is expected to be released next month. Starting today, Microsoft is now offering Windows 11 as an optional download within Windows Update for users with compatible hardware, as shown below.

Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software. Roughly a month ago, Google Threat Analysis Group security researcher Neel Mehta discovered that the developers of an unwanted software known as OpenSUpdater started signing their samples with legitimate but intentionally malformed certificates, accepted by Windows but rejected by OpenSSL. By breaking certificate parsing for OpenSSL, the malicious samples would not be detected by some security solutions that use OpenSSL-powered detection rules and allowed to perform their malicious tasks on victims' PCs. "Since mid-August, OpenSUpdater samples have carried an invalid signature, and further investigation showed this was a deliberate attempt to evade detection," Mehta said.

Surface Duo 2 is based on the original Surface Duo, but this new model pushes the boundaries of what a mobile device could be. With Surface Duo 2, Microsoft is introducing a new camera and gaming experience, and editing controls for creators.

Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide.In a new report by Amit Serper, Guardicore's AVP of Security Research, the researcher reveals how the incorrect implementation of the Autodiscover protocol, rather than a bug in Microsoft Exchange, is causing Windows credentials to be sent to third-party untrusted websites.

Microsoft has released an updated PC Health Check tool that provides detailed information about whether a device's hardware is compatible with Windows 11. "Based on the feedback so far, we acknowledge that it was not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn't meet upgrade requirements," explained Microsoft in a blog post.

Microsoft's Patch Tuesday update last week was meant to fix print vulnerabilities in Windows but also broke network printing for many, with some admins disabling security or removing the patch to get it working. Microsoft's fix was in two phases, first to add a registry setting to increase the authorization level for remote access to printers and second, to inform admins that "The release transitions into the enforcement phase on September 14, 2021. Enforcement phase enforces the changes to address CVE-2021-1678 by increasing the authorization level without having to set the registry value." That September date was "Patch Tuesday" last week - though some admins were already having issues with network printing caused by Microsoft's other mitigation efforts.