Security News

"This vulnerability allows an attacker to relay NTLM authentication sessions to an attacked machine, and use a printer spooler MSRPC interface to remotely execute code on the attacked machine," the researchers said in a Friday advisory. NTLM relay attacks are a kind of man-in-the-middle attacks that typically permit attackers with access to a network to intercept legitimate authentication traffic between a client and a server and relay these validated authentication requests in order to access network services.

Like almost all operating systems, Windows 10 is vulnerable to security and privacy issues, and researchers have proved that Microsoft can track a lot of your activities to improve their products and enable personalized ads and promotions. Thankfully, Windows 10 allows us to improve the operating system's security and privacy using the built-in settings app.

A vulnerability in the Windows Installer component, which Microsoft attempted to fix several times to no avail, today received a micropatch to deny hackers the option of gaining the highest privileges on a compromised system. Windows 10 v20H2, 32/64bit, updated with January 2021 updates.

EU police agency Europol has boasted of taking down the main botnet powering the Emotet trojan-cum-malware dropper, as part of a multinational police operation that included raids on the alleged operators' homes in the Ukraine. "To severely disrupt the EMOTET infrastructure, law enforcement teamed up together to create an effective operational strategy. It resulted in this week's action whereby law enforcement and judicial authorities gained control of the infrastructure and took it down from the inside," said Europol in a jubilant statement this afternoon.

Microsoft has released a new set of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix bugs impacting multiple Intel CPU families. Microcode updates are released by Intel after discovering bugs in their CPUs to allow OS vendors to patch the CPU behavior to address or at least partially mitigate the issues.

This month Google engineers have fixed a severe remote code execution vulnerability in the Go language. The RCE vulnerability, CVE-2021-3115, mainly impacts Windows users of Go running the go get command, due to the default behavior of Windows PATH lookups.

Developers have released an unofficial fix for a Windows bug that could lead to the corruption of an NTFS volume by merely viewing a specially crafted file. Earlier this month, BleepingComputer reported that a Windows 10 bug was discovered by security researcher Jonas Lykkegaard that allows non-privileged users to mark an NTFS volume as dirty.

ProtonVPN is working on fixing a bug causing Windows blue screen crashes affecting customers using the latest versions of the company's Windows client software. "We have received reports that in particular circumstances the latest versions of ProtonVPN Windows clients might lead to Blue Screen crashes in Windows, due to a conflict with certain antiviruses," ProtonVPN said.

One of the vulnerabilities that Microsoft addressed on January 2021 Patch Tuesday could allow an attacker to relay NTLM authentication sessions and then execute code remotely, using a printer spooler MSRPC interface. Tracked as CVE-2021-1678, the vulnerability has been described by Microsoft as an NT LAN Manager security feature bypass, and is rated important for all affected Windows versions, namely, Windows Server, Server 2012 R2, Server 2008, Server 2016, Server 2019, RT 8.1, 8.1, 7, and 10.

Microsoft has shared a workaround for a known issue impacting Windows 10 devices with Conexant ISST audio drivers and causing update errors and issues. Windows 10 computers affected by this known issue come with Conexant ISST Audio or Conexant HDAudio drivers under 'Sound, video and game controllers' in Device Manager.