Security News

Cybercriminals have been using a novel approach to exfiltrate data that involves directly injecting malicious Google Chrome extensions onto victims' Windows machines via the abuse of Google's cloud synching function. The malicious add-on is disguised as a "Forcepoint Endpoint Chrome Extension for Windows," with the attackers using the security company's logo to enhance an air of legitimacy.

Mozilla has released Firefox 85.0.1 and includes a fix that prevents a Windows 10 NTFS corruption bug from being triggered from the browser. Last month, BleepingComputer reported that a bug in Windows 10 and Windows XP allows non-privileged users to mark an NTFS volume as dirty.

Microsoft has announced today that Microsoft Edge Legacy will be permanently removed and replaced with the new Microsoft Edge after installing April's Windows 10 Patch Tuesday security update. "To replace this out of support application, we are announcing that the new Microsoft Edge will be available as part of the Windows 10 cumulative monthly security update-otherwise referred to as the Update Tuesday release-on April 13, 2021," the Microsoft Edge Team said.

The heap-buffer overflow error exists in V8, an open-source WebAssembly and JavaScript engine developed by the Chromium Project for Google Chrome and Chromium web browsers. Researchers urge Google Chrome users to update as soon as possible.

Visual Studio is crashing when docking or dragging windows around after installing recently released. NET Framework cumulative update previews for Windows 10 and Windows Server.

Microsoft has announced that Windows 10, version 2004 has now been added to the broad deployment channel and will be available to everyone via Windows Update. Microsoft officially started rolling out Windows 10 2004 in May 2020, but for many people, it wasn't yet being offered when checking via Windows Update.

Microsoft has addressed a known issue impacting multiple Windows 10 apps and causing them to forget users' passwords after upgrading devices to certain Windows 10, version 2004 builds. The issue was resolved in the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2. This update also comes with fixes for device deactivation issues and freezing problems while playing games full-screen.

Microsoft has released the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2, with fixes for device deactivation issues and unresponsiveness while playing games in full-screen. After installing the KB4598291 non-security update you may experience issues with system and user certificates getting lost when updating from Windows 10 1809 or later versions utilizing outdated update media.

Microsoft has released the KB4598291 release preview cumulative update for all editions of Windows 10 and Windows Server versions 2004 and 20H2, with fixes for device deactivation issues and unresponsiveness while playing games in full-screen. After installing the KB4598291 non-security update you may experience issues with system and user certificates getting lost when updating from Windows 10 1809 or later versions utilizing outdated update media.

Apple has pulled iCloud 12 for Windows 10 from the Microsoft Store for what is believed to be issues with their new Chrome iCloud Keychain password synchronization feature. On January 26th, Apple released iCloud 12 with a new 'Passwords' feature, that when enabled, prompts users to install an 'iCloud Passwords' extension to synchronize and automatically fill in passwords saved in the iCloud Keychain.