Security News
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. In January, we reported on a new Windows 10 vulnerability discovered by Jonas Lykkegård that allows any user or program, even those with low privileges, to mark an NTFS drive as corrupted simply by accessing the special folder.
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. In January, we reported on a new Windows 10 vulnerability discovered by Jonas Lykkegård that allows any user or program, even those with low privileges, to mark an NTFS drive as corrupted simply by accessing the special folder.
The hackers behind the REvil ransomware have released an updated version of the malware that allows them to change Windows passwords and automate file encryption through Safe Mode, according to a recent report from Bleeping Computer. "Brute force password attacks are typically used with RDP simply because people tend to use simple passwords that are easier to remember. Once in a network, REvil moves laterally to deploy ransomware on all resources for maximum effect," Embrey said.
Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week. As part of this week's April 2021 Patch Tuesday, Microsoft released the Windows 10 KB5001330 & KB5001337 cumulative updates to fix various security vulnerabilities and bugs discovered in the operating system.
Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week. As part of this week's April 2021 Patch Tuesday, Microsoft released the Windows 10 KB5001330 & KB5001337 cumulative updates to fix various security vulnerabilities and bugs discovered in the operating system.
Microsoft has released Windows Terminal 1.7 and Windows Terminal Preview 1.8 with some long-awaited features and improvements. The most significant change coming to Windows Terminal 1.7 is the new GUI 'Settings' interface by default.
Microsoft is now installing the Windows 10 21H1 build in the Release preview channel, indicating that it will likely be released later this month or in May. Windows 10 21H1 is the next feature update to be released and delivered as an enablement package that enables dormant features already installed on Windows 10 2004 and Windows 20 20H2. Microsoft began testing the Windows 10 21H1 feature update in February after releasing it on the Windows Insider 'Beta' channel. Yesterday, Microsoft announced that they had moved the Windows 10 21H1 feature update to the 'Release' channel, which indicates that they are very close to releasing it.
As part of the April Patch cycle, Microsoft is rolling out a new cumulative update for all supported version of Windows, including KB5001330 for Windows 10 20H2/2004 and KB5001337 for Windows 10 1909. Like every Windows Update, you can open the Settings app and click on the Windows Update option to install the patches.
Microsoft has confirmed that today's release of mandatory Patch Tuesday updates will automatically remove Edge Legacy and replace it with the new Chromium-based Edge. In older versions of Windows 10, users who wished to use it could download it from the Microsoft Edge site or wait for the mandatory Windows Update.
The 2021 spring edition of Pwn2Own hacking contest concluded last week on April 8 with a three-way tie between Team Devcore, OV, and Computest researchers Daan Keuper and Thijs Alkemade. A zero-click exploit targeting Zoom that employed a three-bug chain to exploit the messenger app and gain code execution on the target system.