Security News

Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.

Recent builds of Windows 10, and the preview of Windows 11, have a misconfigured access control list for the Security Account Manager, SYSTEM, and SECURITY registry hive files. You may think you're safe because your Windows PC doesn't have a suitable VSS shadow copy, yet there are ways to end up quietly creating one and put your machine at risk.

With Windows 11, Microsoft is integrating the Microsoft Teams chatting feature into the Windows Taskbar. Microsoft Teams Chat feature is based on Microsoft Teams desktop client and Microsoft is basically extending Teams capability by bringing the dedicated button right to your taskbar.

Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files. The database files associated with the Windows Registry are stored under the C:Windowssystem32config folder and are broken up into different files such as SYSTEM, SECURITY, SAM, DEFAULT, and SOFTWARE. As these files contain sensitive information about all user accounts on a device and security tokens used by Windows features, they should be restricted from being viewed by regular users with no elevated privileges.

Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers, which impacts hundreds of millions of Windows machines. The bug has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year.

Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign. "The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service," Bitdefender researchers said in a report shared with The Hacker News.

Many of the hardware and software security features Microsoft lists as absolute requirements for a successful Windows 11 installation are already available as options in Windows 10. In some cases, getting these more advanced levels of security is just a matter of turning them on, particularly on newer PCs. One of the more powerful of these security features is the Hypervisor-Protected Code Integrity protocol.

Security researchers have unearthed new elevation of privilege bugs in Windows Print Spooler, one of the oldest Windows components. Scarce details have been shared about the first one, aside from the note that it "Exists when the Windows Print Spooler service improperly performs privileged file operations," and can be exploited by an attacker to elevate privilege to SYSTEM level.

Unlike Windows 10 feature updates, Windows 11 comes with several new features and improvements. Windows 11 comes with centered Start Menu and taskbar, similar to Windows 10X. Start Menu doesn't come with traditional live tiles.

Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. Since the incomplete fix, security researchers have been heavily scrutinizing the Windows printing APIs and have found further vulnerabilities affecting the Windows print spooler.