Security News

Microsoft shares workarounds for new Windows 10 zero-day bug
2021-07-21 08:32

Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.

Make-me-admin holes found in Windows, Linux kernel
2021-07-21 01:55

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list for the Security Account Manager, SYSTEM, and SECURITY registry hive files. You may think you're safe because your Windows PC doesn't have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.

Microsoft Teams chat feature rolling out to Windows 11
2021-07-20 22:19

With Windows 11, Microsoft is integrating the Microsoft Teams chatting feature into the Windows Taskbar. Microsoft Teams Chat feature is based on Microsoft Teams desktop client and Microsoft is basically extending Teams capability by bringing the dedicated button right to your taskbar.

New Windows 10 vulnerability allows anyone to get admin privileges
2021-07-20 16:27

Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files. The database files associated with the Windows Registry are stored under the C:Windowssystem32config folder and are broken up into different files such as SYSTEM, SECURITY, SAM, DEFAULT, and SOFTWARE. As these files contain sensitive information about all user accounts on a device and security tokens used by Windows features, they should be restricted from being viewed by regular users with no elevated privileges.

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines
2021-07-20 13:31

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers, which impacts hundreds of millions of Windows machines. The bug has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year.

This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection
2021-07-20 01:48

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign. "The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service," Bitdefender researchers said in a report shared with The Hacker News.

How to activate virtualization-based security and core isolation in Windows 10
2021-07-19 20:25

Many of the hardware and software security features Microsoft lists as absolute requirements for a successful Windows 11 installation are already available as options in Windows 10. In some cases, getting these more advanced levels of security is just a matter of turning them on, particularly on newer PCs. One of the more powerful of these security features is the Hypervisor-Protected Code Integrity protocol.

There are new unpatched bugs in Windows Print Spooler
2021-07-19 09:59

Security researchers have unearthed new elevation of privilege bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about the first one, aside from the note that it "Exists when the Windows Print Spooler service improperly performs privileged file operations," and can be exploited by an attacker to elevate privilege to SYSTEM level.

Windows 11 features, expected release date, and latest news
2021-07-18 20:30

Unlike Windows 10 feature updates, Windows 11 comes with several new features and improvements. Windows 11 comes with centered Start Menu and taskbar, similar to Windows 10X. Start Menu doesn't come with traditional live tiles.

New Windows print spooler zero day exploitable via remote print servers
2021-07-18 20:02

Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. Since the incomplete fix, security researchers have been heavily scrutinizing the Windows printing APIs and have found further vulnerabilities affecting the Windows print spooler.