Security News

A free micropatch fixing a local privilege escalation vulnerability in Microsoft's Windows PsExec management tool is now available through the 0patch platform. This PsExec zero-day is caused by a named pipe hijacking vulnerability which allows attackers to trick PsExec into re-opening a maliciously created named pipe and giving it Local System permissions.

Microsoft now allows users of the Windows Subsystem for Linux to run commands automatically on WSL distribution startup. WSL is a compatibility layer designed by Microsoft to makes it possible for Windows 10 to run Linux binaries in ELF format natively on Windows computers.

Microsoft released today a new simplified version of the Windows File Recovery tool to test on the latest Windows 10 Insider build. In June, we reported that Microsoft quietly released a new file recovery tool on the Microsoft Store called 'Windows File Recovery' that allows you to recover mistakenly deleted files from your hard drives, USB drives, and SD cards.

Microsoft is rolling out a new Windows 10 feature to Insiders called 'News and Interests' that displays a taskbar flyout with recommended news stories, sports scores, and weather information. Similar to Google Discover, the Windows 10 'News and Interests' feature will build a profile of a user's interests to display matching news stories and articles.

A new Microsoft job listing states that the OS developer wants to show customers that "Windows is BACK" with a user interface refresh for Windows 10. According to the job posting, Microsoft is looking for a Senior Engineer to work with the Windows Core User Experience team to "Orchestrate and deliver a sweeping visual rejuvenation of Windows experiences."

A development build of Windows Core Polaris was leaked online yesterday, proving that Microsoft was actively developing the operating system designed for low-performance devices. For those unaware, Microsoft has been secretly working on a modular version of the Windows platform codenamed "Windows Core OS." With Windows Core OS, Microsoft planned to offer different flavors/SKUs of Windows for various form factors, such as phones, 2-in-1s, dual-screen PCs, and collaboration devices.

Google Chrome has fixed a bug that enabled antivirus programs on Windows 10 to lock newly created files. The patching of the bug means antivirus programs running on Windows would no longer block new files generated by the Chrome web browser, such as bookmarks.

This article provides two ways you can download the latest Windows 10 ISO images from Microsoft. Microsoft recommends using their Windows 10 Media Creation Tool to download the latest ISO image or create a bootable USB drive.

With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. To help secure your system, Adobe will block Flash content from running in Flash Player beginning January 12, 2021.

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The C2 server is used to host the bash or PowerShell dropper script, a Golang-based binary worm, and the XMRig miner deployed to surreptitiously mine for untraceable Monero cryptocurrency on infected devices.