Security News

Windows Hello is a feature in Windows 10 that allows users to authenticate themselves without a password, using a PIN code or biometric identity-either a fingerprint or facial recognition-to access a device or machine. The Windows Hello bypass vulnerability, tracked as CVE-2021-34466, requires an attacker to have physical access to a device to exploit it, according to researchers at CyberArk Labs who discovered the flaw in March.

Microsoft has addressed a security feature bypass vulnerability in the Windows Hello authentication biometrics-based tech, letting threat actors spoof a target's identity and trick the face recognition mechanism into giving them access to the system. As discovered by CyberArk Labs security researchers, attackers can create custom USB devices that Windows Hello will work with to completely circumvent Windows Hello's facial recognition mechanism using a single valid IR frame of the target.

Microsoft's embattled security response unit is urging Windows fleet administrators to prioritize fixes for three documented vulns that have already been exploited in live malware attacks. In all, Microsoft documented 117 vulnerabilities in the Windows ecosystem, some dangerous enough to expose users to remote code execution attacks.

As part of the July 2021 Patch Tuesday, Microsoft has released new KB5004237 and KB5004245 cumulative updates for recent versions of Windows. Today's cumulative updates include security fixes for PCs with May 2021 Update, October 2020 Update, and May 2020 Update.

A new emergency directive issued by the Cybersecurity and Infrastructure Security Agency orders federal agencies to mitigate the actively exploited Window Print Spooler vulnerability on their networks. CISA issued the Emergency Directive 21-04 after Microsoft released security updates on Friday to address the vulnerability dubbed PrintNightmare in all supported Windows versions.

In addition to Windows 11, Microsoft has been secretly working on a new Windows PC experience called 'Cloud PC' that allows business customers to run virtualized desktops in the cloud. Cloud PC is reportedly based on Azure and uses Windows Virtual Desktop and remote desktop clients to stream a Windows desktop to any device.

Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. When the Windows 11 preview build was leaked in June, one of the most significant and most controversial changes was a new floating Start Menu centered in the middle of the Taskbar.

Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. When the Windows 11 preview build was leaked in June, one of the most significant and most controversial changes was a new floating Start Menu centered in the middle of the Taskbar.

Microsoft has released an emergency fix for printing issues affecting Zebra and Dymo receipt or label printers caused by changes in the recently released KB5003690, KB5004760, and KB5004945 updates. Thursday night, Microsoft released an emergency fix for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1 to resolve these issues.

Microsoft has added new features and fixed multiple issues in the latest Windows 11 Dev build based on feedback received from Windows Insiders in the Dev Channel. Redmond shared a list of all known issues currently affecting Windows 11 Preview builds, including Device Security saying that "Standard hardware security not supported" for Insiders with supported hardware and failures to enter text when searching from Start or the Taskbar.