Security News

A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. [...]

Houndreds of housands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty update of Crowdstrike Falcon Sensors, and the outage affected transport, broadcast, financial, retail and other organizations in Europe, Australia, the US and elsewhere. What initially seemed like it might be a Microsoft problem is now confirmed to have been created by Crowdstrike, i.e., its endpoint security agent.

Updated An update to a product from infosec vendor CrowdStrike is bricking computers running Windows globally. The Register has found numerous accounts of Windows 10 PCs crashing, displaying the Blue Screen of Death, then being unable to reboot.

Microsoft has fixed a known issue preventing the Microsoft Photos app from starting on some Windows 11 22H2 and 23H2 systems. Last week, Redmond fixed two more Windows 11 issues causing update problems when using Windows Update automation scripts and triggering reboot loops and taskbar problems after installing the June KB5039302 preview update.

Microsoft says the Windows 11 2023 Update has entered the broad deployment phase and is now available to all seekers on eligible systems.Also known as Windows 11 23H2, this latest release will now be offered to all Windows devices not configured to defer feature updates and unaffected by compatibility holds.

Microsoft will introduce checkpoint cumulative updates starting in late 2024 for systems running devices running Windows Server 2025 and Windows 11, version 24H2 or later. This new type of update will deliver security fixes and new features via smaller, incremental differentials that include only changes added since the previous checkpoint cumulative update.

The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro's Zero Day Initiative have shared. As previously explained by Check Point researcher Haifei Li, the attackers used files that were specially crafted to exploit the vulnerability but were made to look like PDFs. "The threat actor leveraged CVE-2024-38112 to execute malicious code by abusing the MHTML protocol handler and x-usc directives through internet shortcut files. Using this technique, the threat actor was able to access and run files directly through the disabled Internet Explorer instance on Windows machines," Trend Micro researchers noted.

Microsoft has provided a temporary workaround for a known issue preventing the Microsoft Photos app from launching on some Windows 11 systems. [...]

Microsoft has confirmed that Windows Server updates from last month's Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. "Devices which have installed Windows Server updates released June 11, 2024 might experience problems with Microsoft 365 Defender," the company explained on the Windows Server health dashboard.

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.