Security News
Microsoft has added a new experimental 'Eco mode' feature to the Windows 10 Task Manager in the latest Preview build available for Windows Insiders in the Dev Channel. Starting with Windows 10 Insider Preview Build 21364, users will see a new option added to the process context menus in the Task Manager, which allows them to throttle process resources to release memory and CPU cycles for other tasks.
The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. Due to its prevalent use in corporate networks, cybercriminals have built a thriving economy around selling the stolen credentials for RDP servers.
Microsoft has partially fixed a local privilege escalation vulnerability impacting all Windows 7 and Server 2008 R2 devices. Security researcher Clément Labro discovered that insecure permissions on the registry keys of the RpcEptMapper and DnsCache services enable attackers to trick the RPC Endpoint Mapper service to load malicious DLLs on Windows 7 and Windows Server 2008R2.
Microsoft is backporting their upcoming Windows 10 News and Interests taskbar feature to Windows 10 20H2 and Windows 10 21H1, allowing far more people to access the new feature. In January, Microsoft began testing a new taskbar news feed feature called 'News and Interests' that builds an interest profile for a user and displays stories based upon those interests.
In 2018, Microsoft introduced a multitasking feature called "Windows Timeline" that lets you see a timeline of activities that you performed in Windows 10 including the webpages you visited, documents you created/opened, photos you added, and more. Windows Timeline, which can be accessed using Win+Tab shortcut, logs and organizes activities that you do on your PC and lets you sync the contents to other devices.
Later this year, Microsoft will release the first big update of the year codenamed "Windows 10 version 21H2". In addition to a new Start Menu, we're also expecting a number of improvements for existing features, such as the Windows Settings app. Below we have outlined the new nifty changes expected to launch this year.
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. In January, we reported on a new Windows 10 vulnerability discovered by Jonas Lykkegård that allows any user or program, even those with low privileges, to mark an NTFS drive as corrupted simply by accessing the special folder.
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. In January, we reported on a new Windows 10 vulnerability discovered by Jonas Lykkegård that allows any user or program, even those with low privileges, to mark an NTFS drive as corrupted simply by accessing the special folder.
The hackers behind the REvil ransomware have released an updated version of the malware that allows them to change Windows passwords and automate file encryption through Safe Mode, according to a recent report from Bleeping Computer. "Brute force password attacks are typically used with RDP simply because people tend to use simple passwords that are easier to remember. Once in a network, REvil moves laterally to deploy ransomware on all resources for maximum effect," Embrey said.
Some Windows 10 users have issues with DNS resolution after installing the latest Windows 10 cumulative updates released this week. As part of this week's April 2021 Patch Tuesday, Microsoft released the Windows 10 KB5001330 & KB5001337 cumulative updates to fix various security vulnerabilities and bugs discovered in the operating system.