Security News

A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, twenty-five years after the software was released. This week, a new Easter egg in Windows 95's Internet Mail program has been discovered by Windows hacker and developer Albacore, opening a secret window that displays a scrolling list of the developers' names.

Microsoft has released the Windows 10 1909 KB5000850 cumulative update preview and a new KB5001205 Servicing Stack Update that resolves a Secure Boot vulnerability. The KB5001205 Servicing Stack Update will automatically be installed by Windows Update to improve the update experience.

Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges. The bugs impact Cisco Jabber for Windows, macOS, and mobile platforms, and are not dependent on one another.

Microsoft has addressed a known issue causing the new Microsoft Edge web browser not to install from custom Windows 10 installation media including updates released on Thursday, March 25. Microsoft Edge Legacy is also being removed if using Windows 10 install media bundling the KB5000850 non-security release preview update for Windows 10 1909 and Windows Server 1909.

The Windows Sandbox and the Microsoft Defender Application Guard now launch faster in Windows 10 after installing the Insider Preview Build 21343 for Windows Insiders in the Dev Channel. Windows Sandbox helps Windows 10 users safely run apps in an isolated desktop environment.

Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices. "This local privilege escalation allows a non-admin process to escalate to SYSTEM if PsExec is executed locally or remotely on the target machine. I was able to confirm this works from Windows 10 all the way back to XP and from my investigation, it affects PsExec v2.2 all the way back to v1.72," explained Wells.

Cisco has addressed a critical arbitrary program execution vulnerability impacting several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco Jabber is a web conferencing and instant messaging app that allows users to send messages via the Extensible Messaging and Presence Protocol. The vulnerability does not affect Cisco Jabber client software configured for Team Messaging or Phone-only modes.

A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new "Worm" capabilities. Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party tool to infect Windows machines.

Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. [...] ".msi" payloads hosted on nearly 2,000 compromised Windows servers that, in turn, download and execute a component with rootkit capabilities, which enables the threat actors to hide the malware on the machine and make it easy to evade detection.

Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. Purple Fox's exploit kit module has also targeted Windows systems in the past [1, 2] to infect Windows users through their web browsers after exploiting memory corruption and elevation of privilege vulnerabilities.