Security News

"Windows 10 comes with new settings that will allow advance users to gain greater control over how Windows Update installs new Windows 10 feature updates." Last year, Microsoft added the ability to set the specific Windows 10 feature update that you wish to keep using with the Group Policy editor.

Microsoft has updated the icons used in File Explorer to be the new Fluent icons, and while they look great, there is a tradeoff between design and functionality. Microsoft announced last year that they were beginning a process of migrating the existing Windows 10 icons to their Fluent design system, which is supported in Windows, iOS, Android, and web applications.

In 2021, Microsoft is planning to release exciting new Surface products and software updates for Windows 10. Windows 10 21H1. The first update of the year is Windows 10's Spring 2021 Update "21H1" and it's essentially based on version 2004 and version 20H2, and it'll be delivered via an enablement package.

A Windows hacker has found a never-before-seen Easter egg in the Windows 95 Internet Mail application, twenty-five years after the software was released. This week, a new Easter egg in Windows 95's Internet Mail program has been discovered by Windows hacker and developer Albacore, opening a secret window that displays a scrolling list of the developer's names.

Microsoft has released the Windows 10 1909 KB5000850 cumulative update preview and a new KB5001205 Servicing Stack Update that resolves a Secure Boot vulnerability. The KB5001205 Servicing Stack Update will automatically be installed by Windows Update to improve the update experience.

Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges. The bugs impact Cisco Jabber for Windows, macOS, and mobile platforms, and are not dependable to one another.

Microsoft has addressed a known issue causing the new Microsoft Edge web browser not to install from custom Windows 10 installation media including updates released on Thursday, March 25. Microsoft Edge Legacy is also being removed if using Windows 10 install media bundling the KB5000850 non-security release preview update for Windows 10 1909 and Windows Server 1909.

The Windows Sandbox and the Microsoft Defender Application Guard now launch faster in Windows 10 after installing the Insider Preview Build 21343 for Windows Insiders in the Dev Channel. Windows Sandbox helps Windows 10 users safely run apps in an isolated desktop environment.

Microsoft has fixed a vulnerability in the PsExec utility that allows local users to gain elevated privileges on Windows devices. "This local privilege escalation allows a non-admin process to escalate to SYSTEM if PsExec is executed locally or remotely on the target machine. I was able to confirm this works from Windows 10 all the way back to XP and from my investigation, it affects PsExec v2.2 all the way back to v1.72," explained Wells.

Cisco has addressed a critical arbitrary program execution vulnerability impacting several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco Jabber is a web conferencing and instant messaging app that allows users to send messages via the Extensible Messaging and Presence Protocol. The vulnerability does not affect Cisco Jabber client software configured for Team Messaging or Phone-only modes.