Security News
Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. Last month, security researcher GILLES Lionel disclosed a new method called PetitPotam that forces a Windows machine, including a Windows domain controller, to authenticate against a threat actor's malicious NTLM relay server using the Microsoft Encrypting File System Remote Protocol.
In a support document, Microsoft confirmed that Windows 11 will get all updates currently offered to Windows 10, including Patch Tuesday, optional preview, OOB, and more. There will be one change to the update cadence: Windows 11 will be updated once a year with new features, and that feature update will be released in the second half of the year.
An official stock photo of Windows 11 has accidentally leaked the upcoming redesign of the Microsoft Paint application. Microsoft Paint was introduced with the first release of Windows in 1985, and while it is not the most advanced tool, it has become a fixture of the operating system.
Last week, a new open-source Registry Editor was released that puts Windows Regedit software to shame by supporting a host of advanced features, making editing the Registry easier than ever. If you are a Windows administrator or power user, then you have likely made changes to the Registry at one point using Windows built-in Registry Editor to fix a bug or tweak a configuration setting.
A researcher has created a remote print server allowing any Windows user with limited privileges to gain complete control over a device simply by installing a print driver. In June, a security researcher accidentally revealed a zero-day Windows print spooler vulnerability known as PrintNightmare that allowed remote code execution and elevation of privileges.
A researcher has created a remote print server allowing any Windows user with limited privileges to gain complete control over a device simply by installing a print driver. In June, a security researcher accidentally revealed a zero-day Windows print spooler vulnerability known as PrintNightmare that allowed remote code execution and elevation of privileges.
Microsoft says the Windows Subsystem for Linux can now be installed on Windows 10, version 2004 or later using a single terminal command. "In the latest Windows Insider Preview builds, you can install everything you need to run WSL just by running wsl.exe -install," Windows Developer Platform Program Manager Craig Loewen said.
Microsoft has released temporary mitigation info for a known issue that might cause print and scan failures on multiple Windows Server versions after installing July 2021 security updates on domain controllers. If the known issue still appears on up-to-date devices, affected customers should contact the device manufacturer and ask for setting changes or updates to make the printer or scanner compliant with CVE-2021-33764 hardenings deployed via July Windows 10 security updates.
An infamous cross-platform crypto-mining malware has continued to refine and improve upon its techniques to strike both Windows and Linux operating systems by setting its sights on older vulnerabilities, while simultaneously latching on to a variety of spreading mechanisms to maximize the effectiveness of its campaigns. "LemonDuck, an actively updated and robust malware that's primarily known for its botnet and cryptocurrency mining objectives, followed the same trajectory when it adopted more sophisticated behavior and escalated its operations," Microsoft said in a technical write-up published last week.
Microsoft has released the optional KB5004296 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. This update fixes Windows 10 gaming issues that have been plaguing users since March. Windows users can install this update by going into Settings, clicking on Windows Update, and selecting 'Check for Updates.