Security News
Microsoft late Tuesday pushed out an emergency patch to cover the Windows 'PrintNightmare' security flaw. The issue caused major headaches in security research circles because the exploit targets CVE-2021-1675, a vulnerability that was patched by Microsoft on June 8 and originally misdiagnosed as a low-risk privilege escalation issue.
Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. Windows 7 SP1 and Windows Server 2008 R2 SP1. Windows Server 2008 SP2. Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft.
Microsoft has released the KB5004945 emergency security update to fix the actively exploited PrintNightmare zero-day vulnerability in the Windows Print Spooler service impacting all Windows versions. Windows 7 SP1 and Windows Server 2008 R2 SP1. Windows Server 2008 SP2. Security updates have not yet been released for Windows 10 version 1607, Windows Server 2016, or Windows Server 2012, but they will also be released soon, according to Microsoft.
Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability - known as "PrintNightmare" - that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. "The Microsoft Windows Print Spooler service fails to restrict access to functionality that allows users to add printers and related drivers, which can allow a remote authenticated attacker to execute arbitrary code with SYSTEM privileges on a vulnerable system," the CERT Coordination Center said of the issue.
Windows 11 preview is now available for Windows Insiders and it will begin rolling out to the mainstream audience later this year. In addition to redesigned Start Menu and rounded corners, Windows 11 also comes with a new File Explorer and Settings app.
Microsoft is working to fix a known issue blocking Azure Virtual Desktops devices from downloading downloading and installing recent security updates via Windows Server Update Services. "We are investigating an issue where devices running Windows 10 Enterprise multi-session, version 1909 might not be able to download updates later than May 2021," Microsoft says in the Windows Health Dashboard.
PoC for critical Windows Print Spooler flaw leakedMicrosoft has confirmed that the so-called PrintNightmare vulnerability is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day. Cisco security devices targeted with CVE-2020-3580 PoC exploitAttackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.
Windows 11 may soon switch to a Black Screen of Death for operating system crash screens rather than the blue screen that has been used for many years. All Windows users have at one point experienced a Blue Screen of Death screen, also known as a BSOD, when the operating system crashes due to a hardware conflict or software bug.
Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. If your processor is old enough that it does not have one built-in fTPM, your motherboard's module will likely be TPM 1.2, which is not compatible with Windows 11.
Microsoft late Thursday acknowledged a severe security vulnerability in the Print Spooler utility that ships by default on Windows and warned that the bug exposes users to computer takeover attacks. Microsoft's confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines.