Security News

New Windows print spooler zero day exploitable via remote print servers
2021-07-18 20:02

Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. Since the incomplete fix, security researchers have been heavily scrutinizing the Windows printing APIs and have found further vulnerabilities affecting the Windows print spooler.

Windows 11’s subsystem for Android - What we know so far
2021-07-17 21:35

During Windows 11's June 2021 event, Microsoft confirmed that Android apps are coming to Windows 11 and users will be able to try mobile apps on the desktop operating system. Amazon has already confirmed that its Appstore will support Android App Bundles, the next-generation Android app standard format that will eventually replace the current APK format.

Can't download Windows 10 21H2? Here's how to get it
2021-07-17 13:45

Microsoft released the first preview build of Windows 10 21H2 this week, but it is not being offered to everyone at this time. On Thursday, Microsoft released the first Windows 10 21H2 preview build.

Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability
2021-07-17 04:53

Microsoft on Thursday shared fresh guidance on yet another vulnerability affecting the Windows Print Spooler service, stating that it's working to address it in an upcoming security update. "An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges," the Windows maker said in its advisory.

Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days
2021-07-17 04:52

Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. "This Patch Tuesday comes just days after out-of-band updates were released to address PrintNightmare - the critical flaw in the Windows Print Spooler service that was found in all versions of Windows," Bharat Jogi, senior manager of vulnerability and threat research at Qualys, told The Hacker News.

Defcon Talk Prompts New Windows Print Spooler Flaw Warning
2021-07-16 17:52

Microsoft's problems with security defects in the Windows Print Spooler utility are getting worse by the week. After spending the last two months pushing out multiple Print Spooler fixes, Redmond's security response team late Thursday acknowledged a new, unpatched bug that exposes Windows users to privilege escalation attacks.

You'll want to shut down the Windows Print Spooler service (yes, again): Another privilege escalation bug found
2021-07-16 17:28

Microsoft has shared guidance revealing yet another vulnerability connected to its Windows Print Spooler service, saying it is "Developing a security update." The latest Print Spooler service vuln has been assigned CVE-2021-34481, and can be exploited to elevate privilege to SYSTEM level via file operations.

Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware
2021-07-16 15:55

A set of unique spyware strains created by an Israeli firm and allegedly used by governments around the world to surveil dissidents has been defanged by Microsoft, the software giant said. The spyware exploits two elevation-of-privilege security vulnerabilities in Windows, CVE-2021-31979 and CVE-2021-33771, both of which were addressed in Microsoft's July Patch Tuesday update this week.

Windows 10 21H2 preview released with new security features
2021-07-16 15:21

Microsoft will continue to release Windows 10 feature updates, such as Windows 10 21H2, through October 2025 to allow businesses and consumers time to switch to Windows 11. As most of the development for new features is going into Windows 11, Microsoft will be releasing limited features for Windows 10 going forward.

Microsoft: New Unpatched Bug in Windows Print Spooler
2021-07-16 11:57

Microsoft has warned of yet another vulnerability that's been discovered in its Windows Print Spooler that can allow attackers to elevate privilege to gain full user rights to a system. The company released the advisory late Thursday for the latest bug, a Windows Print Spooler elevation-of-privilege vulnerability tracked as CVE-2021-34481.