Security News

Windows PetitPotam vulnerability gets an unofficial free patch
2021-08-06 18:13

A free unofficial patch is now available to block attackers from taking over domain controllers and compromising entire Windows domains via PetitPotam NTLM relay attacks. The PetitPotam attack vector that forces Windows machines to authenticate against threat actors' malicious NTLM relay servers using the Microsoft Encrypting File System Remote Protocol was disclosed last month by security researcher Gilles Lionel.

New Windows PrintNightmare zero-days get free unofficial patch
2021-08-05 15:19

A free unofficial patch has been released to protect Windows users from all new PrintNightmare zero-day vulnerabilities discovered since June. Technical details and a proof-of-concept exploit for a new Windows print spooler vulnerability named 'PrintNightmare' was accidentally disclosed in June.

Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say
2021-08-05 14:36

LAS VEGAS - Microsoft Windows 10 biometric user authentication systems Windows Hello can be bypassed, using a single infrared image of a user's face planted on a tampered clone of an external USB-based webcam. According to research disclosed here at Black Hat USA 2021, the flaw still allows attackers - in some scenarios - to bypass Windows Hello and Windows Hello for Business, used for single-sign-on access to a user's computer and a host of Windows services and associated data.

Windows admins now can block external devices via layered Group Policy
2021-08-04 16:45

Microsoft has added support for layered Group Policies, which allow IT admins to control what internal or external devices users can be installed on corporate endpoints across their organization's network. Using these identifiers, an admin can create an 'allow list' of allowed devices that will block all other devices from being installed.

Microsoft halts Windows 365 trials after running out of servers
2021-08-04 00:06

Microsoft has suspended free trials of their newly launched Windows 365 Cloud PC service after running out of available servers. Yesterday, Microsoft launched their Windows 365 cloud-based virtual desktop experience that allows the enterprise to deploy Windows 10 Cloud PCs on the cloud.

Windows 11's October 2021 release date hinted in support docs
2021-08-03 15:55

A planned October 2021 release date for Windows 11 has been accidentally leaked in support documents from both Microsoft and Intel. Support documents released over the past two months from Microsoft and Intel have revealed that the plan is to release Windows 11 in October, or at the latest, in November this year.

Windows 10 to automatically block potentially unwanted apps
2021-08-02 20:39

Microsoft Defender and Microsoft Edge on Windows 10 will automatically block potentially unwanted applications by default starting this month. Starting with the Windows 10 2004, the May 2020 update, Microsoft added a new 'Potentially unwanted app blocking' setting in Windows security that causes Microsoft Defender to block these types of applications.

Microsoft's Windows 365 Cloud PC service is live - Costs from $24 to $162
2021-08-02 18:10

Microsoft's Windows 365 Cloud PC service is now generally available, allowing businesses to deploy Windows 10 desktops in the cloud for prices ranging between $24 and $162 per device. At the Inspire 2021 conference, Microsoft revealed their new Windows 365 cloud-based virtual desktop experience that allows businesses to deploy Windows 10 Cloud PCs, with Windows 11 later, on the cloud.

Windows PetitPotam attacks can be blocked using new method
2021-08-02 16:10

Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. Last month, security researcher GILLES Lionel disclosed a new method called PetitPotam that forces a Windows machine, including a Windows domain controller, to authenticate against a threat actor's malicious NTLM relay server using the Microsoft Encrypting File System Remote Protocol.

Windows 11 future updates: Here's everything you need to know
2021-08-01 21:17

In a support document, Microsoft confirmed that Windows 11 will get all updates currently offered to Windows 10, including Patch Tuesday, optional preview, OOB, and more. There will be one change to the update cadence: Windows 11 will be updated once a year with new features, and that feature update will be released in the second half of the year.