Security News

Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day. While Microsoft hasn't yet found evidence of Adrozek being used to push malware onto its victims' computers through the injected ads, this can happen at any time.

Microsoft has announced the long-awaited ability to run emulated 64-bit applications in Windows on ARM. This new feature will allow applications to use more memory and thus gain better performance than their 32-bit counterparts. When Windows 10 for ARM was released in 2017, Microsoft created an emulation layer that allowed users to run 32-bit applications.

On Thursday Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May, 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.

Proof-of-concept exploit code and full details on a Windows Kerberos security bypass vulnerability have been published earlier this week by Jake Karnes, the NetSPI security consultant and penetration tester who reported the security bug to Microsoft. The security bug tracked as CVE-2020-17049 and patched by Microsoft during November 2020's Patch Tuesday can be exploited in what the researcher has named as Kerberos Bronze Bit attacks.

Cisco has addressed a new critical severity remote code execution vulnerability affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms after patching a related security bug in September. Cisco released security updates in September to address a critical RCE security vulnerability tracked as CVE-2020-3495 stemming from a Cross-Site Scripting bug in Cisco Jabber.

A new Qbot malware version now activates its persistence mechanism right before infected Windows devices shutdown and it automatically removes any traces when the system restarts or wakes up from sleep. Starting with November 24, when Binary Defense threat researcher James Quinn says that the new Qbot version was spotted, the malware is using a newer and stealthier persistence mechanism that takes advantage of system shutdown and resume messages to toggle persistence on infected devices.

Microsoft has issued security updates to address a Kerberos security feature bypass vulnerability impacting multiple Windows Server versions in a two-phase staged rollout. The vulnerability impacts only Windows server platforms from Windows Server 2012 up to the latest version Windows Server, version 20H2. Microsoft's security advisory says that there is no evidence of active exploitation of this security bug in the wild or of publicly available CVE-2020-16996 exploit code.

Microsoft on Tuesday released fixes for 58 newly discovered security flaws spanning as many as 11 products and services as part of its final Patch Tuesday of 2020, effectively bringing their CVE total to 1,250 for the year. The fixes for December concern a number of remote code execution flaws in Microsoft Exchange, SharePoint, Excel, and Hyper-V virtualization software, as well as a patch for a security feature bypass in Kerberos, and a number of privilege escalation flaws in Windows Backup Engine and Windows Cloud Files Mini Filter Driver.

Adobe Systems has stomped out critical-severity flaws across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications. This month's Adobe patch roundup included a critical cross-site scripting vulnerability in Adobe Experience Manager, the company's content-management solution for building websites, mobile apps and forms.

The first batch of security updates or 'B' updates for the month of 'December 2020' is now available for all supported versions of Windows 10 including version 20H2. If you want to grab these updates, check for updates in the Settings and the update will begin installing. Below is the list of all new updates for Windows 10.