Security News

Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability
2021-09-14 22:00

A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to light last week. Of the 66 flaws, three are rated Critical, 62 are rated Important, and one is rated Moderate in severity.

Microsoft fixes remaining Windows PrintNightmare vulnerabilities
2021-09-14 20:43

Microsoft has released a security update to fix the last remaining PrintNightmare zero-day vulnerabilities that allowed attackers to quickly gain administrative privileges on Windows devices. In June, a zero-day Windows print spooler vulnerability dubbed PrintNightmare was accidentally disclosed.

Microsoft Patches Actively Exploited Windows Zero-Day Bug
2021-09-14 20:29

In September's Patch Tuesday crop of security fixes, Microsoft released patches for 66 CVEs, three of which are rated critical, and one of which - the Windows MSHTML zero-day - has been under active attack for nearly two weeks. Microsoft said last week that the flaw could let an attacker "craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine," after which "the attacker would then have to convince the user to open the malicious document." Unfortunately, malicious macro attacks continue to be prevalent: In July, for example, legacy users of Microsoft Excel were being targeted in a malware campaign that used a novel malware-obfuscation technique to disable malicious macro warnings and deliver the ZLoader trojan.

Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug
2021-09-14 20:20

Microsoft today fixed a high severity zero-day vulnerability actively exploited in targeted attacks against Microsoft Office and Office 365 on Windows 10 computers. According to Microsoft, CVE-2021-40444 impacts Windows Server 2008 through 2019 and Windows 8.1 or later, and it has a severity level of 8.8 out of the maximum 10.

Windows 10 KB5005565 & KB5005566 cumulative updates released
2021-09-14 17:33

The September 2021 Patch Update has been released, and Microsoft is now rolling out the new KB5005565 and KB5005566 cumulative updates for recent versions of Windows 10. Today's cumulative updates include security fixes for PCs running the May 2021 Update, October 2020 Update, and May 2020 Update.

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender
2021-09-14 17:21

A targeted campaign delivering the ZLoader banking trojan is spreading via Google AdWords, and is using a mechanism to disable all Windows Defender modules on victim machines, researchers have found. To target victims, the malware is spread from a fake Google advertisement for various software - an indirect alternative to social-engineering tactics like spear-phishing emails.

Microsoft: Windows 10 2004 reaches end of service in December
2021-09-14 16:59

Microsoft has reminded customers today that Windows 10 2004 and Windows Server 2004 will reach the end of servicing on December 14, 2021. Microsoft advises customers still running Windows 10 2004 to install the May 2021 Update that will upgrade their devices to Windows 10, version 21H1, which will reach the end of service next year, on December 13, for all editions.

New Zloader attacks disable Windows Defender to evade detection
2021-09-14 15:02

An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus on victims' computers to evade detection. According to Microsoft's stats, Microsoft Defender Antivirus is the anti-malware solution pre-installed on more than 1 billion systems running Windows 10.

HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers
2021-09-14 04:13

Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks. "The problem is that HP OMEN Command Center includes a driver that, while ostensibly developed by HP, is actually a partial copy of another driver full of known vulnerabilities," SentinelOne researchers said in a report shared with The Hacker News.

Firefox now bypasses Windows 11's messy default browser settings
2021-09-13 21:00

Likely fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. After some programs began hijacking default program settings without permission, Microsoft added restrictions in Windows 10 by requiring users to specifically choose their default programs.