Security News

The September 2021 Patch Update is released and Microsoft is now rolling out new KB5005565 and KB5005566 cumulative updates for recent versions of Windows 10. Today's cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update, and May 2020 Update.

A targeted campaign delivering the ZLoader banking trojan is spreading via Google AdWords, and is using a mechanism to disable all Windows Defender modules on victim machines, researchers have found. To target victims, the malware is spread from a fake Google advertisement for various software, researchers found - an indirect alternative to social-engineering tactics like spear-phishing emails.

Microsoft has reminded customers today that Windows 10 2004 and Windows Server 2004 will reach the end of servicing on December 14, 2021. Microsoft advises customers still running Windows 10 2004 to install the May 2021 Update that will upgrade their devices to Windows 10, version 21H1, which will reach the end of service next year, on December 13, for all editions.

An ongoing Zloader campaign uses a new infection chain to disable Microsoft Defender Antivirus on victims' computers to evade detection. According to Microsoft's stats, Microsoft Defender Antivirus is the anti-malware solution pre-installed on more than 1 billion systems running Windows 10.

Cybersecurity researchers on Tuesday disclosed details about a high-severity flaw in the HP OMEN driver software that impacts millions of gaming computers worldwide, leaving them open to an array of attacks. "The problem is that HP OMEN Command Center includes a driver that, while ostensibly developed by HP, is actually a partial copy of another driver full of known vulnerabilities," SentinelOne researchers said in a report shared with The Hacker News.

Likely fed up with the new Windows 11 default apps interface, Mozilla has bypassed Microsoft's policies to make it easier for users to switch their default browser. After some programs began hijacking default program settings without permission, Microsoft added restrictions in Windows 10 by requiring users to specifically choose their default programs.

Microsoft has confirmed that Android apps are coming to Windows 11 and users will be able to try mobile apps on the desktop operating system soon, but the general availability has been delayed. Ahead of the beta testing with Insiders, Microsoft has already published the placeholder for the Android subsystem in the Microsoft Store.

Threat actors are sharing Windows MSHTML zero-day tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim's computer remotely.

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks. This Internet Explorer MSHTML remote code execution vulnerability, tracked as CVE-2021-40444, was disclosed by Microsoft on Tuesday but with few details as it has not been patched yet.

The ActiveX code activates the Windows MSHTML component, used for viewing web pages, exploits a bug in it to give itself the same level of control that you yourself would have right from the Windows desktop, and uses it to implant malware of the attacker's choice. MSHTML isn't a full-on browser, like Internet Explorer or Edge, but is a part of the operating system that can be used to create browsers or browser-like applications that need or want to display HTML files.