Security News

An infosec firm accidentally published a proof-of-concept exploit for a critical Windows print spooler vulnerability that can be abused by rogue users to compromise Active Directory domain controllers. This security hole could be exploited by a normal user to execute code as an administrator on a system running the print spooler service.

Windows network administrators are scrambling to contain the fallout from the release of proof-of-concept code for a nasty Windows Print Spooler vulnerability that exposes Windows servers to remote code execution attacks. Multiple threat hunters are reporting that published demo exploit code provides a code execution path on fully patched Windows servers, meaning that Microsoft's June patch may have missed the mark.

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and - what's worse - PoC exploits have since been leaked. The Windows Print Spooler is an application / interface / service that interacts with local or networked printers and manages the printing process.

Microsoft has released an optional out-of-band update for all supported Windows 10 versions to address an issue preventing customers from opening PDF documents using some applications. The KB5004760 emergency update is available for devices running client editions of Windows 10 versions 2004, 20H2, and 21H1, as well as Windows Server versions 2004 and 20H2. "An out-of-band optional update is now available on the Microsoft Update Catalog to address an issue in which Internet Explorer 11 and apps using the WebBrowser control might fail to open PDFs," the company says.

Although it's usually just thought of as storage for BitLocker keys, the Trusted Platform Module services a wide range of Windows security features: storing other keys and the PINs for Windows Hello biometrics and Credential Guard; blocking brute-force dictionary attacks so that even shorter PINs and passwords are more secure; powering virtual smart cards; acting as the hardware root of trust for secure boot and measured boot; attesting to PC health after boot with Windows Defender System Guard; and enabling 'white glove' and self-service Autopilot deployments. To run Windows 11, CPUs need to have the hardware virtualisation features to enable virtual secure mode for Virtualisation-Based Security and the Hypervisor-Protected Code Integrity that underlies a range of protections that Microsoft has been building since Windows 8, like Application Guard, Control Flow Guard, Credential Guard, Device Guard and System Guard.

New issues pop up in every new release of Windows, so it's not surprising that we will find numerous bugs in the early preview builds of Windows 11. Thankfully, most of the bugs have been pretty easy to fix so far and should get you back up and running playing with Windows 11.

Microsoft has added a privacy feature to Windows 11 called DNS-over-HTTPS, allowing users to perform encrypted DNS lookups to bypass censorship and Internet activity. DNS-over-HTTPS allows your computer to perform these DNS lookups over an encrypted HTTPS connection rather than through normal plain text DNS lookups, which ISPs and governments can snoop on.

Microsoft announced today that they might lower the Windows 11 system requirements to allow Intel 7th generation and AMD Zen 1 CPUs to use the new operating system. Even if your hardware had no problems running Windows 10, Microsoft decided only to allow Intel 8th generation, AMD Zen 2, and Qualcomm 7 and 8 Series processors to be compatible with Windows 11.

Microsoft on Friday admitted it had signed malicious third-party driver code submitted for certification through its Windows Hardware Compatibility Program. According to Microsoft, the miscreant behind the subverted driver was focused on computer game players in China, and is not the sort of nation-state-backed group that has been giving Microsoft and its enterprise customers headaches over the past few months.

The first Windows 11 preview build has been released, and users are reporting being unable to install it for not meeting minimum system requirements. Last week, Microsoft announced that Windows 11 is their next version of Windows and that Windows Insiders would get their first chance of testing the preview builds this week.