Security News

As part of the latest Windows 11 update, Microsoft is updating the hidden icons flyout on the lower right of the Taskbar to match the new visuals of Windows 11. Microsoft Teams Chat app, which is based on Microsoft Teams desktop client, is now rolling out to Windows 11 users.

WireGuard, a high performance and easily configured VPN protocol, is getting a native port from Linux to the Windows kernel, and the code has been published as experimental work in progress. A WireGuard implementation for Windows already exists and can be found here, based on what Jason A Donenfeld, the creator of WireGuard, called "a generic TUN driver we developed called Wintun" and a cross-platform Go codebase called wireguard-go.

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers, which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products; install programs; view, change, encrypt or delete data; or create new accounts with more extensive user rights.

An attacker who exploits this flaw could use system privileges to install programs, view or delete data, and create accounts with full user rights. Following a string of recent flaws discovered in Windows, the latest vulnerability dubbed "HiveNightmare" could allow someone to compromise your system by exploiting a security weakness that affects the Registry.

A privilege escalation bug, affecting versions of Windows 10, received a workaround fix by Microsoft Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems. The bug, dubbed SeriousSAM, affects the Security Accounts Manager database in all versions of Windows 10.

Cybersecurity researchers on Wednesday disclosed details of an evolving malware that has now been upgraded to steal sensitive information from Apple's macOS operating system. While the very first Formbook samples were detected in the wild in January 2016, the sale of the malware on underground forums stopped in October 2017, only to be resurrected more than two years later in the form of XLoader in February 2020.

Merely days after Microsoft sounded the alarm on an unpatched security vulnerability in the Windows Print Spooler service, possibly yet another zero-day flaw in the same component has come to light, making it the fourth printer-related shortcoming to be discovered in recent weeks. "Microsoft Windows allows for non-admin users to be able to install printer drivers via Point and Print," CERT Coordination Center's Will Dormann said in an advisory published Sunday.

Microsoft's Windows 10 and the upcoming Windows 11 versions have been found vulnerable to a new local privilege escalation vulnerability that permits users with low-level permissions access Windows system files, in turn, enabling them to unmask the operating system installation password and even decrypt private keys. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," the Windows makers noted.

Microsoft Defender Application Guard protects your networks and data from malicious applications running in your web browser, but you must install and activate it first. In a previous article, we noted that many of the security features listed as absolute requirements for a successful Windows 11 installation are already available as options in Windows 10, you just have to turn them on manually.

Denoted CVE-2021-36934, this one has variously been nicknamed HiveNightmare and SeriousSAM. The moniker HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files, known in Microsoft jargon as hives or hive files. These hive files include a trio called SAM, SECURITY and SYSTEM, which between them include secret data including passwords and security tokens that regular users aren't supposed to be able to access.