Security News

Microsoft has released a Linux version of the very popular Sysmon system monitoring utility for Windows, allowing Linux administrators to monitor devices for malicious activity. Today, Microsoft's Mark Russinovich and a cofounder of the Sysinternals utility suite, announced that Microsoft had released Sysmon for Linux as an open-source project on GitHub.

Microsoft has confirmed new Windows 11 known issues which cause printers installation fails on systems commonly found in enterprise environments. As Redmond explains, printer installation might fail when attempted over the network on devices that access printers via print server using HTTP connections.

"Although Microsoft lists user interaction required, the Preview Pane is also listed as an attack vector. This creates a much larger attack surface. When combined with a privilege escalation - like the one currently under active attack - this could be used to take over a target system," noted Dustin Childs, with Trend Micro's Zero Day Initiative. CVE-2021-26427 is a Microsoft Exchange Server RCE vulnerability that has the highest CVSS score this month.

Researchers have discovered a zero-day exploit for Microsoft Windows that was being used to elevate privileges and take over Windows servers as part of a Chinese-speaking advanced persistent threat espionage campaign this summer. As mentioned, the cybercriminals were using the exploit as part of a wider effort to install a remote shell on target servers, i.e., the MysterySnail malware, which was unknown prior to this campaign.

Microsoft has released the Windows 11 KB5006674 cumulative update, marking it as the first update for the new operating system since it has been released to the public channel. The KB5006674 cumulative update contains security updates, performance improvements, and bug fixes for Windows 11 21H2 since it was first released on October 5th. You can install this update by going to Start > Settings > Windows Update and clicking on 'Check for Updates.

A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan. The malware, known as MysterySnail, was found by Kaspersky security researchers on multiple Microsoft Servers between late August and early September 2021.

The October 2021 Patch Update is now rolling out and Microsoft has published cumulative updates KB5006670 for recent versions of Windows 10. The update is now rolling out via Windows Update, WSUS, and the Microsoft Update Catalog with numerous bug fixes and performance enhancements.

Brother is warning that many of their printers may no longer work or display errors when using a USB connection in Windows 11. Brother states that you can ignore the error, and the document should print successfully.

Microsoft is working on adding support for Bronze Bit attacks detection to Microsoft Defender for Identity to make it easier for Security Operations teams to detect attempts to abuse a Windows Kerberos security bypass bug tracked as CVE-2020-17049. Microsoft Defender for Identity is a cloud-based security solution that leverages on-premises Active Directory signals.

Microsoft is blocking Windows 11 upgrades if customers use applications that create registry keys using some non-ASCII characters. "Compatibility issues have been found between apps using some non-ASCII characters in their registry keys or subkeys and Windows 11," Microsoft explains.