Security News

Microsoft has shared details on Known Issue Rollback, a Windows 10 capability used to revert buggy non-security fixes delivered through Windows Update. As a Windows 10 servicing improvement, Known Issue Rollback allows Microsoft to revert single and targeted bug fixes once critical regressions are detected.

Microsoft is ramping up the forced rollout of Windows 10, version 20H2 to more devices approaching end of service, as part of a new rollout phase. Windows 10 20H2 is also rolling out to users manually checking for updates on devices running Windows 10 1903 or later starting October 2020.

Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform. Windows Server 2022 is now in preview and "Provides secured connectivity enabled by industry-standard AES 256 encryption," as Microsoft announced today.

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. Voisin found the two working Linux and Windows exploits on the online VirusTotal malware analysis platform.

Microsoft is believed to be working on a new virtualized desktop experience called 'Cloud PC' to help administrators deploy and manage Windows 10 PCs in the cloud via web browser, mobile app or another PC. Cloud PC will also allow Microsoft to handle your organization's device configuration by applying updates security improvements regularly, and offer managed support. Cloud PC is based on Azure and Windows Virtual Desktop and it won't replace any version of Windows.

Windows 10 21H2 will be released in the fall of 2021 after Windows 10 21H1 is released in the spring followed by Windows 10X. Codenamed "Sun Valley." Windows 10 21H2 will be a full-featured update that includes numerous new features and improvements for the Start Menu, Taskbar, Action Center, and more, which we have outlined below. Since Windows 10 version 21H1 will be a minor release, native support for DNS over HTTPS will likely be introduced with Windows 10 Sun Valley update.

Windows 10 21H2 will be released in the fall of 2021 after Windows 10 21H1 is released in the spring followed by Windows 10X. Codenamed "Sun Valley." Windows 10 21H2 will be a full-featured update that includes numerous new features and improvements for the Start Menu, Taskbar, Action Center, and more, which we have outlined below. Since Windows 10 version 21H1 will be a minor release, native support for DNS over HTTPS will likely be introduced with Windows 10 Sun Valley update.

Microsoft has fixed a Windows 10 bug that could cause NTFS volumes to become corrupted by merely accessing a particular path or viewing a specially crafted file. Windows then prompts the user to reboot the computer and run chkdsk to fix the corruption.

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept exploit code for a critical remote code execution bug affecting a Windows graphics component. The Project Zero researchers discovered the vulnerability, tracked as CVE-2021-24093, in a high-quality text rendering Windows API named Microsoft DirectWrite.

A new Ryuk ransomware variant with worm-like capabilities that allow it to spread to other devices on victims' local networks has been discovered by the French national cyber-security agency while investigating an attack in early 2021. To propagate itself over the local network, the new Ryuk variant lists all the IP addresses in the local ARP cache and sends what looks like Wake-on-LAN packets to each of the discovered devices.